{"id":5337,"date":"2021-05-11T15:59:21","date_gmt":"2021-05-11T19:59:21","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=5337"},"modified":"2021-05-11T15:59:21","modified_gmt":"2021-05-11T19:59:21","slug":"identity-management-perspective-on-the-colonial-pipeline-hack","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/","title":{"rendered":"Identity Management Perspective on the Colonial Pipeline Hack"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-4578\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg\" alt=\"Identity Management Perspective on the Colonial Pipeline Hack\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam-300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam-768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam-540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam-162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The <a href=\"https:\/\/solutionsreview.com\/endpoint-security\/the-colonial-pipeline-hack-what-to-know-and-commentary\/\" target=\"_blank\" rel=\"noopener\">Colonial Pipeline Hack<\/a> is one of the most devastating, most public ransomware attacks in history; it\u2019s become one of the most damaging cyber-attacks to affect American critical infrastructure.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">As a result, we continue to compile expert 
commentary for <a href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\">cybersecurity<\/a> perspectives from around the world. In this article, we share some of the perspectives we\u2019ve received that are of interest to more <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\">identity management<\/a>-focused businesses.\u00a0<\/span><\/p>\n<h2 style=\"text-align: justify\"><b>Identity Management Perspective on the Colonial Pipeline Hack<\/b><\/h2>\n<h3 style=\"text-align: justify\"><b>Matt Trushinski<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Matt Trushinski is Technical Director at <\/span><\/i><a href=\"https:\/\/arcticwolf.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Arctic Wolf<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cRansomware-as-a-Service is big business and we are not surprised groups like DarkSide are capitalizing on extortion techniques that are quickly becoming a hallmark for many eCrime actors. The hallmark of DarkSide attacks, among other eCrime groups, is that they do extensive research on their targets and are mainly interested in large corporations. 
This creates a sense of urgency especially as we see critical infrastructure suffering kinetic impact. This situation illustrates a growing security crisis. It\u2019s imperative that if prevention fails, there is a world-class security operations infrastructure in place to detect, manage, and mitigate any threat.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Tom Garrubba<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Tom Garrubba is CISO of <\/span><\/i><a href=\"https:\/\/sharedassessments.org\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Shared Assessments<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cNumerous agencies including CISA have been trumpeting warnings or \u2018calls to action\u2019 to update critical infrastructure for years, and sadly, the time for initial action has long since passed. The evidence is clear: we are under attack by both rogue and state-sponsored organizations and the cyber community along with the general public have taken notice and are getting very worried.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cAny company whether primary or downstream providing support to our country\u2019s national infrastructure needs to take a good hard look at the systems supporting those processes and ask themselves: \u201cCan we be next? Do we need to update our systems? Do we need assistance to support and secure these systems?\u201d and if so, petition their corporate boards and owners for the requisite financial support in upgrading and securing these systems.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cAs there is so much talk in Washington D.C. 
regarding support for a National Infrastructure bill, the time has truly arrived for our congressional representatives to include and support this most critical infrastructure component &#8211; the identification, inclusion, and funding for upgrading the various antiquated systems supporting this nation\u2019s critical infrastructure.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Garret Grajek<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Garret Grajek is CEO of <\/span><\/i><a href=\"https:\/\/youattest.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">YouAttest<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><span style=\"font-weight: 400\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cThe effects of this attack are serious enough: stopping 2.5 million barrels per day of refined products from the Gulf Coast to the eastern and southern United States. 
But what is additionally alarming is how the attack group, surmised by researchers as the &#8220;Darkside&#8221; group hailing out of Russia, is now operating.\u00a0 (Darkside is selective in its targets and avoids ex-Soviet Union enterprises.)<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to Cybereason, Darkside has created an affiliate program &#8211; where Darkside creates the malware and others are financially motivated via an embedded &#8220;affiliate&#8221; code to other hacking groups for a successful delivery of the malware.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This means that there&#8217;s not just one threat vector to close off, but dozens if not more attack entries to block.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">How to protect against such attacks?\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Darkside has often created malware-targeted domain controllers &#8211; so traditional hardening approaches are crucial, including patching and a fanatical lockdown of admin and service accounts. We must not only be performing regular access reviews of our key admin accounts but also have instantaneous alerts on any attempts at privilege escalation on these accounts.&#8221;<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"hr hr\"><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Thanks to these experts for their time and expertise. 
For more on Identity Management, check out the<a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"> Buyer\u2019s Guide<\/a> or the <a href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\">Solutions Suggestion Engine<\/a>.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Colonial Pipeline Hack is one of the most devastating, most public ransomware attacks in history; it\u2019s become one of the most damaging cyber-attacks to affect American critical infrastructure.\u00a0 As a result, we continue to compile expert commentary for cybersecurity perspectives from around the world. 
In this article, we shared some of the perspectives we\u2019ve [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":4578,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[142,1684,125,1685,1686,16,1204,76,425,1024,1626],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Identity Management Perspective on the Colonial Pipeline Hack<\/title>\n<meta name=\"description\" content=\"The Colonial Pipeline Hack is one of the most devastating, most public ransomware attacks in history; the identity experts chime in.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/\",\"name\":\"Identity Management Perspective on the Colonial Pipeline Hack\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg\",\"datePublished\":\"2021-05-11T19:59:21+00:00\",\"dateModified\":\"2021-05-11T19:59:21+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"The Colonial Pipeline Hack is one of the most devastating, most public ransomware attacks in history; the identity experts chime 
in.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg\",\"width\":800,\"height\":400,\"caption\":\"UN Data Breach: Expert Commentary on a High-Profile Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Identity Management Perspective on the Colonial Pipeline Hack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s 
Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Identity Management Perspective on the Colonial Pipeline Hack","description":"The Colonial Pipeline Hack is one of the most devastating, most public ransomware attacks in history; the identity experts chime in.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/","twitter_misc":{"Written by":"Ben Canner","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/","url":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/","name":"Identity Management Perspective on the Colonial Pipeline Hack","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg","datePublished":"2021-05-11T19:59:21+00:00","dateModified":"2021-05-11T19:59:21+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"The Colonial Pipeline Hack is one of the most devastating, most public ransomware attacks in history; the identity experts chime 
in.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/09\/swam.jpg","width":800,"height":400,"caption":"UN Data Breach: Expert Commentary on a High-Profile Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/identity-management-perspective-on-the-colonial-pipeline-hack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Identity Management Perspective on the Colonial Pipeline Hack"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben 
Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5337"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=5337"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5337\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/4578"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=5337"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=5337"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-j
son\/wp\/v2\/tags?post=5337"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}