ThreatConnect Podcast

ThreatConnect Ep. 17: From WannaCry With Love

As the Colonial Pipeline Company continues the process of slowly recovering from a major ransomware attack, it does so as the world approaches the four-year anniversary of the WannaCry attack, a ransomware attack that should have been a wake-up call for federal regulators and the owners and operators of our nation’s critical infrastructure.

WannaCry, first detected on May 12, 2017, was one of the largest global ransomware attacks in history. It impacted more than 100,000 businesses, government agencies, and organizations worldwide, including dozens of energy, utility, and manufacturing companies.

WannaCry ransomware, NotPetya, Colonial PipelineOur very own Steve Ward not only recently experienced some of the disruptions from the Colonial attack this week, but he also had a front-row seat to Wannacry. Steve was with the industrial control system Security vendor Claroty at the time.

“And so I sit here on the 12th of May, the four-year anniversary of WannaCry and NotPetya next month, gas lines and fuel shortages are going on because people are freaking out and hoarding,” said Ward. “And so this has to be the moment. There cannot be another one of these where we’re caught by surprise. ‘I didn’t see that coming,’ is so 2020.”

The energy industry is the most targeted industry in the world for cyberattacks, according to Hornet Security, a German cloud security provider. In fact, industrial control system cybersecurity expert Joe Weiss, who we interviewed in Episode 16, has amassed a database of more than 12 million ICS security incidents that have cost companies more than $80 billion and contributed to the loss of more than 1,500 lives.