News
Expert comments: German fuel supplies hit by cyber-attack
February 2022 by Experts
After the recent news that a cyber-attack has struck German fuel supplies, meaning suppliers are working at a limited capacity after IT systems were disrupted at the weekend.
Off the back of this, two cybersecurity expert comments which you are welcome to use in any pieces you are writing on the news:
Matt Aldridge, Principal Solutions Consultant at Carbonite + Webroot:
“The oil and gas industry is a high-value and lucrative industry and so naturally one that cybercriminals are keen to target. This attack demonstrates that criminals aren’t slowing down when it comes to targeting critical infrastructure and serves as a reminder that organisations in this sector have a huge responsibility to keep private information secure.
Although the cause of the hack is yet unclear, organisations can limit the impact of these attacks by ensuring they have clearly defined cybersecurity policies and procedures in place. With risky employee IT behaviours frequently causing security compromises, this starts with employee education – which underscores all effective cyber resilience and data protection strategies.
Security awareness training programmes can now inform and test employees on the latest threats in real-time, including information security, social engineering, malware, and industry-specific compliance topics. Along with comprehensive best practice guides, organisations can use these tactics to improve employee vigilance and defend endpoints from attacks in the future.”
René Golembewski, Director, Technical Solutions Engineering at Tanium:
“Although the company is currently working to determine the exact extent of the attack and minimise the damage, it looks as if it has been the victim of a ransomware attack.
This type of attack on companies uses vulnerabilities in the IT infrastructure as a gateway to first scan the entire company network. Only when sufficient data and information have been compromised by the hackers does the intruder, who has often remained undetected until then, reveal themselves. Then the internal systems are completely hijacked and paralysed by malware. In exchange for money, the affected company is then usually provided with a key to regain control.
But what makes this latest attack so explosive is the fact that hackers specifically targeted a company whose operations are critical to the economic infrastructure – meaning it can impact the entire, complex supply chain.
This type of attack repeatedly highlights how important it is for companies to have an overview of their entire IT environment. After all, with the right tools, an attacker can be found on the network before they make their presence felt using malware. This is where a centrally manageable and automated endpoint management solution is of great benefit, as it allows not only full visibility of all the endpoints, but also full control over them. Vulnerabilities and security gaps can thus be detected quickly and in real time using reliable endpoint data. In this way, the likelihood of a successful cyber-attack can be prevented and its impact significantly minimised. After all, a company can only adequately secure and protect its networks by having an all-encompassing overview.”
