On May 3rd the Colonial Pipeline shut down operations. The system that provides gas to 17 U.S. states and 50 million people had been hacked and the Colonial Pipeline was at the mercy of a cyber gang called the DarkSide. 

Gas shortages caused prices to surge across the eastern states and even left civilians stranded with no access to gas whatsoever. As panic spread, everyone began to wonder how internet hackers could collapse one of the U.S.’s largest economic entities. 

Former Senior Intelligence Officer and Deputy Cyber Division Chief for the Defense Intelligence Agency Tyler Cohen Wood knows this attack should not have been as impactful as it was. In an interview with Cohen Wood, she explains how and why this cyberattack was so detrimental and how we can protect ourselves from future attacks across all industries. 

Why this should never have happened

This has been the most disruptive cyberattack in the U.S. since the Solarwinds attack in 2020 that left over 18,000 Solarwind customers, including U.S. government agencies, vulnerable to the attacker’s malware. “I’m not sure what it’s going to take for people to realize how detrimental these attacks are. There were easy precautions that should have been put in place to prevent this attack,” Cohen Wood explains. 

“We don’t know how the system was first breached, but since over 90% of breaches are due to phishing, I would assume the ransomware was set off by an administrative employee clicking a phishing link that allowed DarkSide to make its way into the pipeline’s network.” 

Cybersecurity training that teaches employees to look out for phishing and other cyber attacks is a great place to start in protecting your company, but Cohen Wood knows we are all human. We can’t be vigilant all the time and mistakes are made by the average person. The weight of the repercussions of an attack shouldn’t fall on an individual. 

Cohen Wood says all companies should keep their private, important information on a network separate from the network employees function on and use daily. This separation will prevent hackers from reaching the mainframe even if a phishing attempt is successful. A lot of times, it’s as simple as that. 

Why we can’t let it happen again

Since about 2015, cybersecurity professionals have prophesied an attack like this. Things like the rise of phishing and its effectiveness, old legacy systems that aren’t equipped to handle attacks, and AI making hacking easier, have been raising red flags for years. 

But the public notoriously writes off cyber threats. Cohen Wood believes the public doesn’t take cybersecurity seriously because it has always felt distant to the average civilian. Many people think it will never affect them but, as we see with the Colonial Pipeline attack, we are one threat away from an economic shutdown. But the threat is also a lot closer to home than most think. 

Cohen Wood spent years working for the Department of Defense Intelligence Agency as Deputy Cyber Division Chief where they used cybersecurity to track down pedophiles and other malicious offenders hiding in plain sight. 

“I always go back to protecting the children because I saw firsthand how scary it really is. One criminal used the metadata from a mother’s social media picture of her daughter to find their address.” 

Cohen Wood also laid out a scenario in which a cyber attacker hacks into a hospital’s genetic data and uses the database to build a bioweapon that wipes out an entire demographic. While these facets of cybersecurity are less talked about, they are a fear that can be acted upon if we don’t take our cybersecurity seriously. 

How to protect yourself

• Update your systems.

Many hackers target companies with old systems because they are more easily penetrated. A company will hold onto an old system for a number of reasons, but the most common is because it is too expensive or complicated to move their information and data from an old system to a new system. 

Cohen Wood reminds us, “Colonial Pipeline ended up paying $5 million in ransom to DarkSide. Although it may be expensive to switch systems it’s generally cheaper than paying ransom to buy back your company.”

• Use separate networks

It is important to use separate networks within your company to silo out important information, and it’s just as important to do this at home. Cohen Wood recommends keeping your Alexa, smart alarm, personal computer, and any other personal devices on a separate network than your work computers. 

This way if your company is hacked your personal information is not jeopardized. 

• Turn your social media on private 

Like Cohen Wood’s example earlier about pedophiles using social media to find children, other hackers use social media as well. Oftentimes, cyberattackers troll social media to find out valuable information about someone’s personal life and use it to guess passwords, find locations, and other nefarious things. 

The attack on the Colonial Pipeline was destructive and devastating, but Cohen Wood says “at least no one lost their life.” It can get a lot worse if we don’t start taking our cybersecurity seriously. It’s time we learn from those under attack and improve our systems to ensure a safer future.