Data Security Comment: Colorado Energy Company Loses 25 Years Of Data

Colorado’s Delta-Montrose Electric Association (DMEA) is still struggling to recover from a devastating cyberattack last month that took down 90% of its internal systems and caused 25 years of historic data to be lost. In an update sent to customers this week, the company said it expects to be able to begin accepting payments through its SmartHub platform and other payment kiosks during the week of December 6. DMEA did not use the term “ransomware” but said much of its data had been corrupted while phone and email services were down for weeks.

Trevor Morgan, Product Manager
InfoSec Expert
December 6, 2021 12:57 pm

Looking at the attack that wreaked havoc on data operations and the network infrastructure at Delta-Montrose Electric Association (DMEA), we should be mindful of the fact that some threat actors initiate cyber-attacks simply for the chaos they sow. Of course, ransomware attacks depend on spreading as much confusion and fear as possible to disrupt operations and force the targeted organization into a desperate mindset. We saw a similar situation with the Colonial Pipeline incident earlier this year, though that was more clearly a ransomware attack. However, in this case the DMEA’s comments don’t mention ransomware or ransoms specifically.

If you’re trying to take away a “lesson learned” from this incident, does it really matter what threat actors’ ultimate goals were, whether financial gain, pure chaos, weaponizing sensitive information, or all of the above? Assume that if your organization is targeted, hackers will go after your most sensitive data first and foremost. They will try to bring down the operational environment and disrupt your business as much as possible. The answer is vigilance and adopting the assumption that you are next. Protect your enterprise data not just with enhanced perimeter security but with data-centric security such as tokenization applied directly to that data. Beef up your disaster recovery plan and capabilities. Institute a stronger culture of cybersecurity within your organization that values care and caution over speed and velocity of operation (considering that social engineering tricks are a prime vector of attack), and lastly reduce any implicit trust of an entity or user based on location within the network down to zero: challenge, verify, and challenge again. While it may take a lot of energy for your organization to stay prepared, the alternative could be a complete blackout of your operations.

Information Security Buzz