Colorado Energy Company DMEA Loses 25 Years Of Data After Cyberattack

<p>Looking at the attack that wreaked havoc on data operations and the network infrastructure at Delta-Montrose Electric Association (DMEA), we should be mindful of the fact that some threat actors initiate cyber-attacks simply for the chaos they sow. Of course, ransomware attacks depend on spreading as much confusion and fear as possible to disrupt operations and force the targeted organization into a desperate mindset. We saw a similar situation with the Colonial Pipeline incident earlier this year, though that was more clearly a ransomware attack. However, in this case the DMEA’s comments don’t mention ransomware or ransoms specifically.</p>
<p>If you’re trying to take away a “lesson learned” from this incident, does it really matter what threat actors’ ultimate goals were, whether financial gain, pure chaos, weaponizing sensitive information, or all of the above? Assume that if your organization is targeted, hackers will go after your most sensitive data first and foremost. They will try to bring down the operational environment and disrupt your business as much as possible. The answer is vigilance and adopting the assumption that you are next. Protect your enterprise data not just with enhanced perimeter security but with data-centric security such as tokenization applied directly to that data. Beef up your disaster recovery plan and capabilities. Institute a stronger culture of cybersecurity within your organization that values care and caution over speed and velocity of operation (considering that social engineering tricks are a prime vector of attack), and lastly reduce any implicit trust of an entity or user based on location within the network down to zero: challenge, verify, and challenge again.</p>
<p>While it may take a lot of energy for your organization to stay prepared, the alternative could be a complete blackout of your operations.</p>