How ‘Just Plain Old Ransomware’ Took Down Colonial Pipeline

In this episode of Cybersecurity (Marketing) Unplugged, Stiennon also discusses:

  • The vulnerability of U.S. critical infrastructure;
  • The possible motivations behind the attack;
  • How we should respond to our adversaries

Richard Stiennon is the chief research analyst for IT-Harvest, the firm he founded in 2005 to cover the 2,600+ vendors in the IT security industry. He has held leadership positions at PricewaterhouseCoopers, Webroot and Fortinet. Previously, he was a research VP at Gartner for their IT Security Research Practice and held CMO and CSO roles.

Richard Stiennon, a research analyst and the author of Security Yearbook 2021A History and Directory of the IT Security Industry, weighs in on the recent Colonial Pipeline attack.

[U.S. critical infrastructure] is extremely vulnerable. A targeted attacker that was at least as knowledgeable as the NSA could figure out what needed to be done to cause tremendous havoc. A pipeline is one thing, a power station, the signals for trains, the air traffic control system. … Everything that makes our lives move smoothly, is connected to control systems, which are run by essentially mini-computers that are completely vulnerable.