One year ago, the Colonial Pipeline ransomware attack set off a chain reaction of cyber initiatives that would forever impact the private and public sectors.
At ATARC’s “Colonial Pipeline in Retrospect: Securing the Nation’s Critical Infrastructure” webinar on May 5, cybersecurity experts shared lessons learned from the attack and discussed how to implement a shared cyber defense between the public and private sectors to protect critical infrastructure.
“Colonial Pipeline was a galvanizing event for the country, raising awareness about the potential threats and risks posed by cyberattacks, that it’s not just ones and zeros inside of computers, [and] that these attacks could have real implications on our way of life,” said Brandon Wales, executive director of the Cybersecurity and Infrastructure Security Agency (CISA).
“I think what’s flowed downstream from that is a recognition and a willingness in both Congress and in the critical infrastructure [sectors] at large and the American people to take this issue more seriously than it has been in the past,” Wales added.
Wales explained that, following the Colonial Pipeline attack, the government launched initiatives such as StopRansomware.gov, a one-stop shop created by CISA to help individuals, businesses, and organizations combat the increasing trend of ransomware attacks.
President Biden issued his landmark cybersecurity executive order (EO) on May 12, just days after the Colonial Pipeline attack.
“We have dramatically increased our focus on operational collaboration with the critical infrastructure community to make sure that any available information that we have is being used to arm the critical infrastructure community [and] have them be able to defend themselves,” Wales said.
“In addition, we have looked to provide more consolidated information so that it’s easier for small and medium-sized businesses to do the kind of things that they need to do to improve their cyber resilience and make sure that they’re not attacked or they’re not used as a way to get to a larger company inside of a complex supply chain.”
Wales said the recent launch of CISA’s “Shields Up” campaign has made many companies take this issue “more seriously,” after Federal cybersecurity and law enforcement officials warned of seeing indications of potential Russian cyberattacks on U.S. critical infrastructure.
Retired Gen. Keith Alexander, the former head of U.S. Cyber Command and the National Security Agency (NSA) – and since then the founder and co-chief executive officer of IronNet Cybersecurity – noted that CISA and the Federal government have done “a great job in the public-private partnership and highlighting what we need to do to protect these industries.”
However, Alexander warned that the private and public partnership must be strengthened and everyone must “work together,” so that “to beat one of us you have to beat all of us.”
“This network is growing at a significant rate… everything that we have as a nation now is dependent on this network. And it’s vulnerable,” Alexander said. “So, this partnership with what DHS’ CISA is doing, what DoD is doing, what the FBI is doing, and what the commercial sector is doing – we’ve got to bring that together in a more coherent way. That’s the future.”