Pipeline Integrity Management and Data Science Blog

How to Safeguard Pipeline Integrity Data Against Ransomware

On May 7th, 2021, a ransomware attack halted Colonial Pipeline’s operations and led to gas shortages along the eastern U.S. The operator paid a $5 million ransom to Eastern European hackers to regain control of their system.

Despite being able to restore operations several days later, these attacks take operators much longer to return their delivery supply chain to normal.

Incidents like this are a wake-up call for operators to re-examine their network security practices, procedures and protections, including taking advantage of advanced cloud-based platforms like Cognitive Integrity Management. OneBridge’s CIM gives you several options for eliminating pipeline data vulnerabilities today to prevent ransomware attacks in the future.

Let’s examine the dangers of ransomware, how it affects pipeline operators and how to protect critical integrity data.

Ransomware isn’t a new threat, but it’s a serious one

Ransomware threats to pipeline operators are not something new—as far back as 2011, hackers were using malicious programming to extort victims. Ransomware enables a hacker to take control of your system and/or data—getting it back means paying a hefty sum.

According to the Justice Department, ransomware is becoming more prevalent, and 2020 was “the worst year to date for ransomware attacks.”

Typically, hackers spread ransomware using a phishing email, which looks legitimate but isn’t. By tricking a user into downloading an attachment, the hacker’s program can take over the user’s computer and encrypt files. Ransomware can also come from an infected website, fake apps, or malicious internet advertisements.

Antivirus firewalls protect against ransomware, but employee security awareness is equally important. “Security safeguards alone will not protect a company from phishing scams,” said Dr. Mona Rashidirad of the University of Sussex Business School.

Lapses in judgment can make an organization vulnerable to an attack as most hackers require a human to allow their program onto a network. Employees should be able to recognize phishing scams and malicious links as part of an effective defense against ransomware.

Like what we have seen recently, many victims end up paying the ransom to regain control of their system. Without a cloud backup to restore ransomed files, a victim who’s potentially losing millions of dollars a day may see payment as their only solution.

Small security vulnerabilities come with big costs

The recent ransomware attack cost $5 million in cryptocurrency, but the disruption to operations was much more costly and far-reaching.

Shutdowns like these results in downtime and lost revenue, not to mention gas shortages and panic-buying at the pump in states within the distribution network. Upstream refineries that supply fuel cut their production in response to the shutdown. Such shutdowns can also force airlines to seek alternative delivery methods, such as trucking, to get the fuel they need.

After a cyberattack, indirect costs for restoration include replacing or recovering critical information and repairing any damage to the network or other files. There’s also a cost for strengthening security, which involves infrastructure replacement, software updates, employee training and more.

In the most recent attack, the operator was quick to act and was able to mitigate the impact of the cyber attack to the integrity management program. This is because they had a robust digital strategy in place to get back on track.

Vulnerability to cyberattacks also costs an operator when it comes to their reputation. Customers may leave, turning to a partnership with the security they can trust. And attracting new customers is challenging with a history of a ransomware attack.

The direct and indirect costs of an attack make cybersecurity a worthwhile investment.

How to protect sensitive pipeline data

Nowadays, internet connectivity enables smooth operations for modern pipeline infrastructure. However, protecting system operations and sensitive pipeline data involves providing legitimate users the access they need while also keeping intruders out.

Effective cybersecurity uses end-to-end protection and a Zero Trust approach, which only allows connections with iron-clad credentials. Multi-factor Authentication (MFA) is a simple way to prevent unauthorized access. MFA is available with a commercial subscription to the cloud-based Microsoft Azure platform as part of its cutting-edge cybersecurity features.

Ultimately, software security isn’t just an IT responsibility—everyone, from engineers to operations staff, needs to work together to keep pipeline data safe from ransomware attacks.

CIM safeguards integrity data 24/7, 365

Pipeline operators manage vast amounts of integrity information, including years of data and analysis. Losing everything in a cyberattack would devastate a pipeline integrity program, leading to increased risk from unaddressed integrity threats.

At OneBridge, our Cognitive Integrity Management program, CIM, is 100% built on the world-leading Microsoft Azure platform. By leveraging the superior security of the cloud, CIM enables the right people to access integrity information while shielding it with the latest data protection advancements.

Are you doing everything you can to protect your integrity information?

Contact OneBridge to learn more about CIM’s security features, including built-in ransomware protection.