Two more high-profile ransomware attacks made national news, just days apart, in the latest attacks on critical U.S. businesses. JBS Foods, the world’s largest meat producer, and the Steamship Authority, the largest ferry line operating in Cape Cod, are cases that illustrate the growing threat hackers pose to key industries.
These attacks follow the recent Colonial Pipeline ransomware attack, which prompted President Joe Biden to sign an executive order outlining plans to strengthen the U.S. cybersecurity defenses, including improving supply chain security and implementing specific technologies like zero-trust networks and multi-factor authentication (MFA).
In addition to the White House’s executive order, the Department of Homeland Security (DHS) is establishing its own requirements specifically for companies in the oil pipeline industry. While some of the new cybersecurity regulations have been planned for some time, the new rapid rollout, expected to occur over the summer, is in direct response to the Colonial Pipeline attack that caused temporary regional gas shortages.
One of the key directives put in place immediately is that pipeline companies are now required to report cybersecurity incidents to federal authorities immediately. Requirements to follow this summer include new security requirements for the pipeline companies’ IT systems and a mandatory action plan in place that must be followed after a cyberattack.
Protect Your Organization from Ransomware
While basic measures such as firewalls or antivirus are a good first step, they do not keep your business completely protected. For example, antivirus is simply good practice and should be considered the first step in your foundational security, but it is not effective for stopping advanced security threats such as ransomware.
Endpoint Detection and Response (EDR) is an effective solution to detecting malware because it doesn’t rely on a single approach, but instead utilizes multiple methods for detecting malware and malicious actions within your network environment. EDR helps combat threats to your organization by recognizing:
- Misuse of legitimate applications (Powershell, WMI, MSHTA)
- File-based attacks (Microsoft Office, Adobe PDF, etc.)
- Unwanted software (browser toolbars, PUPs)
- Insider threats (malicious employee, compromised credentials, accidental release of data)
- Suspicious user activity
Risk Assessment services can also be helpful in determining what gaps exist in your current cybersecurity posture. These assessments help you prioritize where to start with mitigating risks. Many assessments, like those from Corsica Technologies, will also provide companies with a roadmap to get to their desired level of cybersecurity and compliance.