Protection Upfront: PAM to Prevent Ransomware Attacks Like Colonial Pipeline

Bryan Christ

May 18, 2021

The amount Colonial Pipeline paid to DarkSide ransomware attackers: $5 million. A costly hack, but certainly not the first cyberattack the U.S. energy industry has experienced. In 2020, energy companies endured the third-largest number of cyber assaults of any industry, up from ninth just a year before.

The Colonial Pipeline attack is just the latest high-profile example of the kind of cybersecurity breaches that U.S. enterprise businesses, higher education institutions, and other organizations deal with every day. In the wake of the pandemic, cybercriminals are ramping up assaults on firms with software connected to operational control systems. (External actors perpetrate 70% of these breaches, and 55% were committed by organized criminal groups, according to a 2020 Verizon Data Breach Investigations Report.) As more industries continue to embrace digital transformation and networks become more intertwined in the day-to-day operations, every vertical is at risk. 

Criminal organizations like DarkSide have deployed a lucrative hacking and ransomware platform, holding many organizations hostage and forcing them to make millions of dollars in payouts. But the anatomy of a typical attack doesn’t change much. In most instances, ransomware attackers use tools and exploits to breach your system using a valid set of stolen credentials.

The only solution for organizations is to stay a step ahead of these vulnerabilities. To better prepare for and (ideally) protect against these attacks,  organizations need a more proactive, bold solution, such as privileged access management (PAM). By examining the differences between a reactive and proactive approach to cybersecurity, the value of investing in PAM is apparent.

A Reactive Approach Leaves Unprepared Organizations Vulnerable

  1. Access: As organizations evolve and scale, the number of passwords increases exponentially, raising complexity and security issues. These mission-critical passwords are often written down and accessible to anyone who knows where to look, including hackers.
  2. Accountability: In a network unsecured by a PAM solution, shared credentials increase the risk of compromise and liability. Moreover, they render audit trails incomplete and nonexistent should an organization need to find the root of their network vulnerabilities.
  3. Exposure: As passwords age, exposure also increases. Static passwords pose a growing risk from former employees, bad actors, and ransomware attackers looking for exploits.
  4. Scalability: As they upgrade infrastructure and grow, organizations are perpetually deploying new servers, workstations, and virtual machines. These new point-to-point connections increase vulnerability to hackers and managing, protecting them at scale is challenging.

Instead of choosing responsive triage, organizations should be armed and adaptable with a ready PAM solution so they are dynamic, evolving, and equipped.

A Proactive Approach With an Implemented PAM Solution Has Organizations Prepared

  1. Access: If these same organizations were to utilize a PAM implementation, they would store and vault passwords across complex and changing networks. Also, they could control access to accounts with password checkout, concurrency rules, and just-in-time access. 
  2. Accountability: PAM-empowered operations can personally identify users with a login and strong adaptive multi-factor authentication. Responsibility is cultivated through access request authorization, logged access, and record sessions to track down user error and susceptibility.
  3. Exposure: With a PAM solution, an organization can randomize passwords after use, set expiration on checkouts, and keep passwords under wraps unless necessary. This virtually eliminates an access and exposure point for would-be hackers.
  4. Scalability: Even when following best practices, ransomware attackers often exploit weaknesses in complex systems where access vulnerabilities are exposed when the systems scale. Using a wide range of connectors, a robust PAM solution automatically discovers and imports privileged accounts as the organization changes and grows.

The threat of ransomware attacks flows far beyond pipelines and the energy sector, your organization should be prepared. The proactive approach of a PAM solution will help your technology react accordingly should you get hacked — ensuring security, dynamism, and adaptability — saving you time and lost money, along with a stream of other benefits.

Learn how the Hitachi ID Bravura Security Fabric is uniquely capable of enabling your digital transformation away from siloed reactive implementations to proactive IAM and PAM solutions in a unified solution, in our Power of One summit webinar:

Watch the Webinar