On Saturday, May 8th, the public was aware that The Colonial Pipeline was the victim of a Ransomware Cyber Security Attack. We now know that the ransomware name was called DarkSide, which CloudSmart IT protects against using SentinelOne. DarkSide is new to the crime family of RaaS (Ransomeware-as-a-Service as of November 2020. Click here to see how SentinelOne protects and then also mitigates the DarkSide ransomware.
According to Colonial Pipeline https://cpcyberresponse.com/ the ransomware was so bad that is started spreading throughout their network, and they ended up having to take systems offline on Sunday, May 9th, to contain the cyber attack. In the end, they ended up paying 5 million dollars to get their data back. Sadly they didn’t have the proper security and backups in place to have prevented this from happing.
The lesson here is really simple, have the proper security in place using CloudSmart IT’s Managed Network package and backup. If they had good backups, they could have deleted all of their infected data and restored it from May 7th before the attack occurred and been back up and running the next day. They also could have patched their computers, servers and been running next-generation antivirus software SentinelOne, and it would have never made the news.