"2 Years After Colonial Pipeline, US Critical Infrastructure Still Not Ready for Ransomware"
Experts warn that efforts to counter the potentially crippling ransomware threat to US critical infrastructure have been insufficient. The cyberattack on Colonial Pipeline's Information Technology (IT) infrastructure caused it to cease operations for the first time, resulting in a fuel shortage and price increases that prompted four East Coast states to declare a state of emergency. The incident elevated ransomware to a threat to national security and called for coordinated action throughout the government. Since the attack and a following one on JBS that threatened domestic meat shortages, the US government has stated that it will treat ransomware attacks on critical infrastructure as acts of terrorism. Just days after the attack on the Colonial Pipeline, President Biden signed an Executive Order mandating new security requirements for critical infrastructure organizations. There have also been numerous federal and regulatory initiatives to strengthen the resilience of US critical infrastructure against attacks. However, the ransomware threat to critical infrastructure remains elevated, as demonstrated by a recent attack on Americold, the largest cold-storage provider in the US. Similar to the attack on Colonial Pipeline, the attack forced Americold to stop cold-storage operations while it worked to address the threat. 870 of the 2,385 ransomware complaints received by the FBI in 2017 were from critical infrastructure organizations. According to FBI data, 14 of the 16 designated critical infrastructure sectors had at least one victim of ransomware. This article continues to discuss US critical infrastructure still not being ready for ransomware attacks.