Pipeline "ransomware" attack reflects weak infrastructure IT asset management, more hacks expected
By MYBRANDBOOK
More high-profile infrastructure attacks are likely to follow the hack of the Colonial Pipeline and a key part of the problem is weak IT Asset Management of computing devices and software, according to the International Association of IT Asset Managers (IAITAM), the leading authority on IT Asset Management (ITAM).
The now-hacked Colonial Pipeline, stretching from Texas to New England, has been called the “jugular” of the U.S. energy supply line, since it delivers about 45 percent of the fuel used on the East Coast. In recent months, there have been similar attacks on a major dam site, a city water supply, hospitals, municipalities (including police and fire services), and electrical utilities.
IAITAM President and CEO Dr. Barbara Rembiesa said: “The problem here comes down to one central reality: If you are not managing your assets, you’re not managing your business … and you can’t secure what you don’t know you have. Old and new infrastructure projects tend to be big and, as with a pipeline, may cover a huge amount of the country. When most people think about ‘security’ in such cases, they tend to think about the physical, low-tech side of things. But, increasingly, it is the cyber and high-tech side of things that leaves infrastructure projects wide open.
“This country is way behind where it needs to be in ensuring that every single device and piece of software associated with these infrastructure projects is accounted for, secure, and up to date. Old infrastructure is already under attack today because of a lack of rigorous IT Asset Management, and the prospect of the federal government adding billions of dollars to infrastructure without proper management will only add to the problem and open up more security loopholes. The government ratings on asset management are already low compared to private firms and we see that in GAO reports every year.
“All the people behind these ransomware attacks need is someone running a laptop in an unauthorized fashion on a non-secure network, such as a home Wi-Fi system. They don’t need much more than a central computer system that is running software that has not been properly patched or otherwise updated. And they are delighted to find an employee who is tapping into key systems remotely on a personal cellphone or other device that has not been authorized for such access.
“Until the operators of public water systems, energy pipelines, nuclear power plants, bridges, tunnels, airports, and other key infrastructure elements get serious about thorough and tough-minded IT Asset Management, we are going to see more and more ransomware attacks like the one on the Colonial Pipeline.”
IAITAM has been warning in recent months about a variety of major IT Asset Management lapses exposing U.S. businesses and agencies to serious repercussions. To see how IAITAM played a major leadership role in 2020 in alerting organizations for COVID-19 ITAM issues, see here, here, here, here, and here.
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
CENTRE FOR DEVELOPMENT OF TELEMATICS (C-DOT)
SAMSUNG INDIA ELECTRONICS LTD.
RELIANCE JIO INFOCOMM LTD.
MICROTEK INTERNATIONAL PVT. LTD.
ICONS OF INDIA : RAJESH NAMBIAR
Rajesh leads the company’s India associates and enhances relationshi...
ICONS OF INDIA : RAJIV MEMANI
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
Icons Of India : ALOK OHRIE
Alok Ohrie leads Dell Technologies’ India business, overseeing Sales...
ECIL - Electronics Corporation of India Limited
ECIL is distinguished by its diverse technological capabilities and it...
C-DOT - Center of Development of Telematics
India’s premier research and development center focused on telecommu...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud
Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...
Indian Tech Talent Excelling The Tech World - RAVI KUMAR S, CEO- Cognizant
Ravi Kumar S, appointed as CEO of Cognizant in January 2023, sets the ...
Indian Tech Talent Excelling The Tech World - Rajiv Ramaswami, President & CEO, Nutanix Technologies
Rajiv Ramaswami, President and CEO of Nutanix, brings over 30 years of...