Could Off-Site Backups have Reduced Downtime for Colonial Pipeline?


There is a growing ransomware trend in the US and the Colonial Pipeline hack is just the latest of these attacks. “Cybercriminals have attacked solar power firms, water treatment plants, and police departments in attempts to extort money” says a recent article from The Guardian. The cyberattack on the Colonial Pipeline caused fuel shortages across the eastern seaboard and 4 states declared a state of emergency. 

How was the pipeline hacked?

The modern operation of the Colonial Pipeline is extremely digital. Things like pressure sensors, thermostats, valves and pumps, and other equipment used to monitor and control the flow of gas are controlled digitally, within a central system. 

Experts say that some of the biggest attacks they’ve seen started with an email. Employees are tricked into downloading malware, giving hackers access to the network. It is not known how long the hackers were inside Colonial’s IT network before launching their ransomware attack. 

How can this be prevented?

The simplest way to prevent these attacks is by keeping operational technology offline, however this is becoming harder and harder to do while maintaining efficiency. Physical off-site backup options can be a critical part of information security. 

Offsite backups are a way of securing data to a server or location that is different from the primary server. A full backup can provide security for the entire system. Offsite backups are important for many reasons including preservation of primary storage space, protection against a complete system crash, assurance in the event of a hard drive failure, and recourse in the event of data breach. For more information read here says backups can protect against ransomware. The best defence to a ransomware attack is the ability to restore data from clean backups. This saves your organization from spending money and guarantees that the information comes back exactly as you had it. 

Here are a few tips for a good backup recovery protocol: 

  • Make regular backups
  • Review retention policies to ensure your backups are most useful 
  • Ensure backups are clean and robust
  • Test backup and recovery plans regularly

Read here for more information about Data Protection and Backup Tape Vault Storage

Backups and Time Savings

They say the best offense is a good defense, and we agree. Backups not only provide peace of mind, but they also ensure that your data can be restored quickly in the event of a hack. This allows you to minimize downtime and the trickle-down effects of an outage, similar to what we saw with Colonial Pipeline. Their systems remained down for several days while teams work to recover and repair the damage. A clean, offline backup may have allowed them a faster recovery time, limiting the impact on pipeline distribution throughout the east coast.