How ‘Just Plain Old Ransomware’ Took Down Colonial Pipeline

Richard Stiennon is the chief research analyst for IT-Harvest, the firm he founded in 2005 to cover the 2,600+ vendors in the IT security industry. He has held leadership positions at PricewaterhouseCoopers, Webroot and Fortinet. Previously, he was a research VP at Gartner for their IT Security Research Practice and held CMO and CSO roles.

Richard Stiennon, a research analyst and the author of Security Yearbook 2021: A History and Directory of the IT Security Industry, weighs in on the recent Colonial Pipeline attack.

“[U.S. critical infrastructure] is extremely vulnerable. A targeted attacker that was at least as knowledgeable as the NSA could figure out what needed to be done to cause tremendous havoc. A pipeline is one thing, a power station, the signals for trains, the air traffic control system. … Everything that makes our lives move smoothly, is connected to control systems, which are run by essentially mini-computers that are completely vulnerable.”

In this episode of Cybersecurity Unplugged, Stiennon discusses:

  • The vulnerability of U.S. critical infrastructure;
  • The possible motivations behind the attack;
  • How we should respond to our adversaries.
Category: Podcast
Previous Post
Colonial Pipeline and Ransomware: The Kalashnikov of 2021
Next Post
Eliminating the Threat of Ransomware