{"id":18597,"date":"2021-05-10T13:35:38","date_gmt":"2021-05-10T13:35:38","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=18597"},"modified":"2023-05-12T15:32:20","modified_gmt":"2023-05-12T15:32:20","slug":"colonial-pipeline-ransomware-attack","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/","title":{"rendered":"Colonial Pipeline Ransomware Attack Shows Critical Infrastructure Vulnerabilities"},"content":{"rendered":"<p>In the biggest cyberattack to date on critical infrastructure in the U.S., Colonial Pipeline \u2013 sprawling 5,500 miles from Houston to New York City \u2013 halted its mainlines on Friday, May 7, when administrators detected advanced <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">ransomware<\/a> internally.<\/p>\n<p>On Thursday, a day before the ransomware attack, Russia-based cyber criminal group DarkSide stole more than 100GB of data, giving DarkSide added leverage to extract a ransom from Colonial Pipeline, which some speculated could end up paying a ransom to avoid a prolonged and potentially catastrophic shutdown. On Monday, May 10, Colonial announced that it had set a &#8220;goal of substantially restoring operational service by the end of the week,&#8221; which means the Eastern U.S. will likely face days of uncertainty over its energy supply.<\/p>\n<p>The attack should serve as a wake-up call for organizations in critical infrastructure that have failed to take ransomware protection steps and implement advanced cybersecurity defenses that limit the potential attack surface, like <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\">microsegmentation<\/a> and <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\">zero trust<\/a>, to better isolate critical data and operational technology (OT).<\/p>\n<p><span style=\"font-weight: 400;\">More from <\/span><i><span style=\"font-weight: 400;\">eSecurity Planet<\/span><\/i><span style=\"font-weight: 400;\"> on the Colonial Pipeline ransomware attack:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><a href=\"https:\/\/www.esecurityplanet.com\/networks\/critical-infrastructure-protection-physical-cybersecurity\/\"><span style=\"font-weight: 400;\">Critical Infrastructure Protection: Both Physical and Cyber Security Matter<\/span><\/a><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><a href=\"https:\/\/www.esecurityplanet.com\/networks\/cisa-fbi-colonial-pipeline-ransomware\/\"><span style=\"font-weight: 400;\">U.S. Issues Ransomware Guidance, Cybersecurity Executive Order<\/span><\/a><\/li>\n<li aria-level=\"1\"><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-zero-trust-security-can-protect-against-ransomware\/\"><span style=\"font-weight: 400;\">How Zero Trust Security Can Protect Against Ransomware<\/span><\/a><\/li>\n<\/ul>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6e3487865d\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6e3487865d\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#Colonial-attack-route-speculation\" title=\"Colonial attack route speculation\">Colonial attack route speculation<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#Time-till-restoration\" title=\"Time till restoration\">Time till restoration<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#Federal-and-security-industry-response\" title=\"Federal and security industry response\">Federal and security industry response<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#Defending-against-DarkSide\" title=\"Defending against DarkSide\">Defending against DarkSide<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#Critical-infrastructure-needs-advanced-protection\" title=\"Critical infrastructure needs advanced protection\">Critical infrastructure needs advanced protection<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#The-fight-against-ransomware-continues\" title=\"The fight against ransomware continues\">The fight against ransomware continues<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Colonial-attack-route-speculation\"><\/span>Colonial attack route speculation<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Colonial, headquartered in Alpharetta, Georgia, is the largest refined energy provider in the United States. The Colonial Pipeline supplies 45% of the U.S. East Coast&#8217;s gasoline, diesel, jet fuel, and heating fuel. With prominent spurs in Georgia, South Carolina, North Carolina, Tennessee, and Virginia, Colonial supplies 70% of these southeastern states&#8217; liquid fuel. Colonial&#8217;s mainlines and spurs collectively transport 3.4 million barrels of oil and natural gas daily in the U.S., or nearly 150 million gallons \u2013 an amount that the trucking, rail and ship industries can&#8217;t match despite emergency orders easing limitations, thus putting pressure on Colonial to resolve the crisis before it cripples the East Coast.<\/p>\n<p>Upon recognizing the ransomware attack on Friday, Colonial stated they &#8220;proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.&#8221; As the energy provider attempts to remediate the breach, the company has signed on <a href=\"https:\/\/www.esecurityplanet.com\/products\/fireeye-endpoint\/\">FireEye Mandiant<\/a> to lead the investigation, as FireEye continues to make a name for itself after revealing the <a href=\"https:\/\/www.esecurityplanet.com\/threats\/fireeye-solarwinds-breaches-implications-protections\/\">Sunburst infiltration of SolarWinds<\/a> in December.<\/p>\n<p>Cybersecurity companies and insiders have speculated about possible causes of the attack.<\/p>\n<p>UK cybersecurity vendor Digital Shadows told the BBC that with more engineers remotely accessing control systems, it wouldn\u2019t be surprising if loosely organized remote access was the root vulnerability.<\/p>\n<p>In a Monday morning tweet, ex-CISA Director Chris Krebs tweeted:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Coming out of a ransomware wknd every CEO shld convene the senior leader team and review security (MFA is on, yeah?), incident response plan (we have a plan and it\u2019s tested, no?), business cont plan (how long to restore backups? We do have backups? What do we do in the meantime?)<\/p>\n<p>\u2014 Chris Krebs (@C_C_Krebs) <a href=\"https:\/\/twitter.com\/C_C_Krebs\/status\/1391751981304270848?ref_src=twsrc%5Etfw\">May 10, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Time-till-restoration\"><\/span>Time till restoration<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>If attackers were limited to business computer systems, Dragos CEO Rob Lee <a href=\"https:\/\/www.politico.com\/trends\/\/2021\/05\/08\/colonial-pipeline-cyber-attack-485984\">told Politico<\/a>, &#8220;I think it&#8217;s going to be short-lived.&#8221;<\/p>\n<p>The quick response by most organizations to shut down mission-critical systems in an attempt to stop the spread inherently results in some downtime. Only making the economics of the situation worse, fuel supply for the two mainlines carrying fuels from Pasadena, Texas to Greensboro, North Carolina, had been depleted in recent months as demand for energy dropped during the <a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/remote-workforce-security\/\">pandemic<\/a>.<\/p>\n<p>CrowdStrike co-founder and former CTO Dmitri Alperovitch stated on Sunday via Twitter:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Yet another example of physical infrastructure getting impacted even when only the IT networks are compromised.<\/p>\n<p>We\u2019ve seen this movie before with NotPetya and other IT attacks. If you can\u2019t bill or figure out who your customers are, you may have no choice but to shut it down <a href=\"https:\/\/t.co\/NkTJ5ttDwS\">https:\/\/t.co\/NkTJ5ttDwS<\/a><\/p>\n<p>\u2014 Dmitri Alperovitch (@DAlperovitch) <a href=\"https:\/\/twitter.com\/DAlperovitch\/status\/1391595348418834432?ref_src=twsrc%5Etfw\">May 10, 2021<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Colonial is in a position where a lengthy restart could be devastating to both the organization and the U.S. economy. Oil market analyst Gaurav Sharma <a href=\"https:\/\/www.bbc.com\/trends\/\/business-57050690\">told the BBC<\/a>, &#8220;Unless they sort it out by Tuesday, they&#8217;re in big trouble&#8230;The first areas to be hit would be Atlanta and Tennessee; then the domino effect goes up to New York.&#8221;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Federal-and-security-industry-response\"><\/span>Federal and security industry response<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>As President Biden addressed the nation in late April, <em>eSecurity Planet <\/em>reported on the prospect of <a href=\"https:\/\/www.esecurityplanet.com\/trends\/biden-cybersecurity-strategy\/\">an increasing government presence<\/a> in building a more robust cybersecurity infrastructure for both public and private institutions. In his joint address, Biden&#8217;s cyber strategy centered around curbing <a href=\"https:\/\/www.esecurityplanet.com\/threats\/advanced-persistent-threat\/\">advanced persistent threats<\/a> (APTs) coming out of Russia, but advanced cyber threats continue to skirt attribution standards for placing blame between countries, and Russia shows little sign of holding these in-state actors accountable.<\/p>\n<p>Before the Colonial attack, the Department of Energy and CISA launched an initiative to work with industrial control system operations to improve cybersecurity detection, and in February, CISA published a\u00a0<a href=\"https:\/\/www.cisa.gov\/pipeline-cybersecurity-library\">Pipeline Cybersecurity Resources Library<\/a>.<\/p>\n<p>A handful of federal agencies are now looking into the attack, with CISA and the FBI stating it was likely not a nation-state but rather a group dubbed DarkSide believed to reside in Russia. Crowdstrike co-founder Dmitri Alperovitch said, &#8220;Whether they work for the state or not is increasingly irrelevant, given Russia&#8217;s obvious policy of harboring and tolerating cybercrime.&#8221;<\/p>\n<p>In the days since news broke, many prominent Capitol Hill officials have shared their concerns and directly called for more vital cybersecurity for both the public and private sectors.<\/p>\n<p>As Congress debates massive infrastructure legislation, the Colonial Pipeline attack underscores the fact that <a href=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-outlook-2021\/\">cybersecurity<\/a> itself is critical infrastructure and thus likely to see increasing Federal focus.<\/p>\n<p>With ransomware attacks on critical infrastructure up by 566% between 2018 and 2020, the security of these resources was already receiving significant attention. Last month, the private sector ransomware task force (RTF) launched a campaign to mitigate global ransomware attacks. Their <em>Comprehensive Framework for Action<\/em> offers <a href=\"https:\/\/securityandtechnology.org\/ransomwaretaskforce\/report\/\">48 recommendations<\/a> for detecting and disrupting ransomware.<\/p>\n<figure id=\"attachment_18599\" aria-describedby=\"caption-attachment-18599\" style=\"width: 696px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\" td-center wp-image-18599 size-large\" src=\"https:\/\/www.esecurityplanet.com\/wp-content\/uploads\/2021\/05\/Colonial-Pipeline-1024x819.jpeg\" alt=\"A map of the southeastern United States showing the Colonial Pipeline from Texas to New Jersey.\" width=\"696\" height=\"557\" srcset=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-1024x819.jpeg 1024w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-300x240.jpeg 300w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-768x614.jpeg 768w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-1536x1229.jpeg 1536w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-2048x1638.jpeg 2048w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-150x120.jpeg 150w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-696x557.jpeg 696w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-1068x854.jpeg 1068w, https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-1920x1536.jpeg 1920w\" sizes=\"(max-width: 696px) 100vw, 696px\" \/><figcaption id=\"caption-attachment-18599\" class=\"wp-caption-text\">Source: Colonial Pipeline<\/figcaption><\/figure>\n<h2><span class=\"ez-toc-section\" id=\"Defending-against-DarkSide\"><\/span>Defending against DarkSide<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Starting in August 2020, the organized <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-you-get-malware\/\">malware<\/a> group known as DarkSide has already made a name for itself, claiming over 40 victims in the last nine months. Two cybersecurity firms that offer in-depth analysis of the upstart Ransomware-as-a-Service (RaaS) group are <a href=\"https:\/\/www.cybereason.com\/blog\/cybereason-vs-darkside-ransomware\">Cybereason<\/a> and <a href=\"https:\/\/www.varonis.com\/blog\/darkside-ransomware\/\">Varonis<\/a>.<\/p>\n<p>What they describe are the same tactics, techniques, and practices (TTPs) that have become all too familiar with APTs. Malicious hacking families perform careful reconnaissance to inform a breach and attack strategy that will go undetected. TTPs described include:<\/p>\n<ul>\n<li aria-level=\"1\">Avoiding network segments where <a href=\"https:\/\/www.esecurityplanet.com\/products\/edr-solutions\/\">EDR<\/a> is running<\/li>\n<li aria-level=\"1\">Customized malware for attacking each client machine<\/li>\n<li aria-level=\"1\">Convoluting traffic with encoding and DLL<\/li>\n<li aria-level=\"1\">Harvesting <a href=\"https:\/\/www.esecurityplanet.com\/cloud\/how-netflix-secures-aws-cloud-credentials\/\">credentials<\/a> stored in files, memory, and controllers<\/li>\n<li aria-level=\"1\">Loosening permissions and spreading malware through file shares<\/li>\n<li aria-level=\"1\">Deleting <a href=\"https:\/\/www.esecurityplanet.com\/threats\/employees-and-data-backup-top-cybersecurity-awareness-month-concerns\/\">backups<\/a>, including shadow copies<\/li>\n<\/ul>\n<p>While ransomware continues to evolve as fast as defenses do, there are nonetheless defensive moves all organizations should be taking, as we outlined in <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">Ransomware Protection in 2021<\/a>. These actions include:<\/p>\n<ul>\n<li aria-level=\"1\"><a href=\"https:\/\/www.esecurityplanet.com\/threats\/employees-and-data-backup-top-cybersecurity-awareness-month-concerns\/\">Training staff<\/a> to recognize malware and eliminate common user vulnerabilities<\/li>\n<li aria-level=\"1\">Optimizing software management with appropriate tracking, privileges, and <a href=\"https:\/\/www.esecurityplanet.com\/products\/patch-management-software\/\">patching<\/a><\/li>\n<li aria-level=\"1\">Blocking email spam, executables, and malicious JS files<\/li>\n<li aria-level=\"1\">Enlisting technologies like <a href=\"https:\/\/www.esecurityplanet.com\/products\/casb-security-vendors\/\">CASB<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/products\/intrusion-detection-and-prevention-systems\/\">IDPs<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/products\/siem-tools\/\">SIEM<\/a>, and EDR for advanced security systems<\/li>\n<li aria-level=\"1\">Moving towards a\u00a0<a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\">zero-trust<\/a> network and application framework where isolating applications and network segments provides the most robust internal security for protecting what&#8217;s most important<\/li>\n<li aria-level=\"1\">Always store viable backups offline for adequate protection and prompt restoration<\/li>\n<\/ul>\n<p><strong>Also Read: <\/strong><a href=\"https:\/\/www.esecurityplanet.com\/threats\/guarding-against-solorigate-ttps-solarwinds-hack\/\">Protecting Against Solorigate TTPs: SolarWinds Hack Defenses<\/a><\/p>\n<p>Sitting comfortably in the corner of the <a href=\"https:\/\/www.esecurityplanet.com\/networks\/alienvault-scours-the-dark-web-for-compromised-credentials\/\">dark web<\/a>, DarkSide&#8217;s code of ethics calls for attacks only against companies that can afford to pay its ransoms and a prohibition on attacking education, health, nonprofit, and government bodies. That said, there are no terms of service and little accountability for hackers seeking to target any institution.<\/p>\n<p>In a statement released today, DarkSide stated:<\/p>\n<p>&#8220;We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other [our] motives&#8230;Our goal is to make money, and not create problems for society.\u201d<\/p>\n<p>DarkSide also employs a double-extortion method where victim organizations&#8217; options are to pay for data restoration or don&#8217;t pay and the hackers publish the data. For public and private companies, data released could be immensely valuable proprietary information.<\/p>\n<p><strong>Also Read: <\/strong><a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware-types\/\">Types of Malware | Best Malware Protection Practices for 2021<\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Critical-infrastructure-needs-advanced-protection\"><\/span>Critical infrastructure needs advanced protection<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>From electric grids to water plants, critical infrastructure is the latest target of advanced persistent threats and ransomware. From <a href=\"https:\/\/www.esecurityplanet.com\/networks\/notpetya-cyber-attacks-point-to-a-need-for-comprehensive-risk-management\/\">NotPetya<\/a> hitting the Ukrainian energy sector in 2017 to an attack on a Tampa water treatment facility last year, public and private infrastructure are the critical cogs of the international economy.<\/p>\n<p><a href=\"https:\/\/sites.temple.edu\/care\/ci-rw-attacks\/\">Temple University<\/a> has compiled a record of critical infrastructure ransomware attacks (CIRW) dating to November 2013. Details of note include:<\/p>\n<ul>\n<li aria-level=\"1\">Maze, Ryuk, REvil, and <a href=\"https:\/\/www.esecurityplanet.com\/threats\/wannacry-ransomware-hits-us-critical-infrastructure\/\">WannaCry<\/a> made up 64% of the most commonly used strains.<\/li>\n<li aria-level=\"1\">Over half of ransomware attacks target government facilities (24.4%), healthcare and public health (15.9%), and education facilities (13.7%).<\/li>\n<li aria-level=\"1\">While the number of attacks was between 70-80 between 2016 and 2018, attacks jumped to 205 in 2019 and 396 in 2020.<\/li>\n<li aria-level=\"1\">Almost 42% of attacks lasted longer than one week, and 13% lasted more than a month.<\/li>\n<\/ul>\n<p><strong>Also Read: <\/strong><a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">Anti-Virus Solutions Fail to Protect Against Ransomware<\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"The-fight-against-ransomware-continues\"><\/span>The fight against ransomware continues<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The Colonial Pipeline attack could serve to make critical infrastructure attacks even more attractive for cybercriminals. Organized malware gangs are cognizant of modern defensive strategies and patient enough to collect information and attack when the time is right.<\/p>\n<p>Building a cyber citadel over the internet is not possible, so it is on public and private organizations to take the necessary steps to protect their assets. Industry analysts and companies alike point to developing frameworks like zero trust and microsegmentation for additional layers of security within the organization network.<\/p>\n<p><strong>Also Read: <\/strong><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\">How to Implement Zero Trust<\/a><\/p>\n\n\n<div id=\"ta-campaign-widget-66d6e348764ca-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6e348764ca\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6e348764ca\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6e348764ca\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6e348764ca\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6e348764ca\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6e348764ca\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In the biggest cyberattack to date on critical infrastructure in the U.S., Colonial Pipeline \u2013 sprawling 5,500 miles from Houston to New York City \u2013 halted its mainlines on Friday, May 7, when administrators detected advanced ransomware internally. On Thursday, a day before the ransomware attack, Russia-based cyber criminal group DarkSide stole more than 100GB [&hellip;]<\/p>\n","protected":false},"author":250,"featured_media":18600,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[16],"tags":[14716,22796,1146,2478],"b2b_audience":[33],"b2b_industry":[],"b2b_product":[31788,397,398,400,382,390,403,31787,394,378,395,377,404,384,31781,381,31780,31790,143,391,375,376,31776,379,31777,393,31775,392,396],"class_list":["post-18597","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trends","tag-apt","tag-cyberattack","tag-malware","tag-ransomware","b2b_audience-awareness-and-consideration","b2b_product-advanced-persistent-threats","b2b_product-anti-malware","b2b_product-anti-spam","b2b_product-antivirus","b2b_product-application-security-vulnerability-management","b2b_product-content-filtering","b2b_product-cyber-terrorists-and-cyber-crime","b2b_product-data-breach","b2b_product-email-security","b2b_product-endpoint-security","b2b_product-firewalls-and-intrusion-prevention-and-detection","b2b_product-gateway-and-network-security","b2b_product-hackers","b2b_product-identity-management-privacy","b2b_product-multi-factor-access-management","b2b_product-network-access-control-nac","b2b_product-patch-management","b2b_product-ransomware","b2b_product-security","b2b_product-security-appliances","b2b_product-security-management","b2b_product-security-services","b2b_product-siem","b2b_product-threats-and-vulnerabilities","b2b_product-ueba","b2b_product-virtual-private-network-vpn","b2b_product-web-applications-security","b2b_product-web-security","b2b_product-wireless-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Pipeline Ransomware Attack Shows Critical Vulnerabilities<\/title>\n<meta name=\"description\" content=\"Critical infrastructure needs enhanced cybersecurity, as DarkSide ransomware forces Colonial Pipeline to halt operations.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pipeline Ransomware Attack Shows Critical Vulnerabilities\" \/>\n<meta property=\"og:description\" content=\"Critical infrastructure needs enhanced cybersecurity, as DarkSide ransomware forces Colonial Pipeline to halt operations.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-10T13:35:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-12T15:32:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"1854\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sam Ingalls\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/SamIngalls\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sam Ingalls\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\"},\"author\":{\"name\":\"Sam Ingalls\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\"},\"headline\":\"Colonial Pipeline Ransomware Attack Shows Critical Infrastructure Vulnerabilities\",\"datePublished\":\"2021-05-10T13:35:38+00:00\",\"dateModified\":\"2023-05-12T15:32:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\"},\"wordCount\":1639,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg\",\"keywords\":[\"APT\",\"cyberattack\",\"malware\",\"ransomware\"],\"articleSection\":[\"Trends\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\",\"name\":\"Pipeline Ransomware Attack Shows Critical Vulnerabilities\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg\",\"datePublished\":\"2021-05-10T13:35:38+00:00\",\"dateModified\":\"2023-05-12T15:32:20+00:00\",\"description\":\"Critical infrastructure needs enhanced cybersecurity, as DarkSide ransomware forces Colonial Pipeline to halt operations.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg\",\"width\":2400,\"height\":1854,\"caption\":\"An image of an oil well stranded by human resources an incapable of operating.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Colonial Pipeline Ransomware Attack Shows Critical Infrastructure Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\",\"name\":\"Sam Ingalls\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"caption\":\"Sam Ingalls\"},\"description\":\"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/singalls\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls\"],\"url\":\"https:\/\/www.esecurityplanet.com\/author\/singalls\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pipeline Ransomware Attack Shows Critical Vulnerabilities","description":"Critical infrastructure needs enhanced cybersecurity, as DarkSide ransomware forces Colonial Pipeline to halt operations.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/","og_locale":"en_US","og_type":"article","og_title":"Pipeline Ransomware Attack Shows Critical Vulnerabilities","og_description":"Critical infrastructure needs enhanced cybersecurity, as DarkSide ransomware forces Colonial Pipeline to halt operations.","og_url":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/","og_site_name":"eSecurity Planet","article_published_time":"2021-05-10T13:35:38+00:00","article_modified_time":"2023-05-12T15:32:20+00:00","og_image":[{"width":2400,"height":1854,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg","type":"image\/jpeg"}],"author":"Sam Ingalls","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/SamIngalls","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Sam Ingalls","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/"},"author":{"name":"Sam Ingalls","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2"},"headline":"Colonial Pipeline Ransomware Attack Shows Critical Infrastructure Vulnerabilities","datePublished":"2021-05-10T13:35:38+00:00","dateModified":"2023-05-12T15:32:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/"},"wordCount":1639,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg","keywords":["APT","cyberattack","malware","ransomware"],"articleSection":["Trends"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/","url":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/","name":"Pipeline Ransomware Attack Shows Critical Vulnerabilities","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg","datePublished":"2021-05-10T13:35:38+00:00","dateModified":"2023-05-12T15:32:20+00:00","description":"Critical infrastructure needs enhanced cybersecurity, as DarkSide ransomware forces Colonial Pipeline to halt operations.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/05\/Colonial-Pipeline-Attacked-by-Ransomware.jpg","width":2400,"height":1854,"caption":"An image of an oil well stranded by human resources an incapable of operating."},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/trends\/colonial-pipeline-ransomware-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Colonial Pipeline Ransomware Attack Shows Critical Infrastructure Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2","name":"Sam Ingalls","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","caption":"Sam Ingalls"},"description":"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.","sameAs":["https:\/\/www.linkedin.com\/in\/singalls\/","https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls"],"url":"https:\/\/www.esecurityplanet.com\/author\/singalls\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18597"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/250"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=18597"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18597\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/18600"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=18597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=18597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=18597"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=18597"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=18597"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=18597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}