3rd Party Risk Management , Business Continuity Management / Disaster Recovery , Critical Infrastructure Security

Ransomware: What's Changed Since Colonial Pipeline Got Hit?

Rapid7's Jen Ellis Details Cross-Government Response, Impact of Russia-Ukraine War
Jen Ellis, vice president of community and public affairs, Rapid7

Since Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, efforts to combat ransomware have evolved at a rapid pace.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

"It was a real turning point for a number of different reasons," says Jen Ellis, vice president of community and public affairs at Rapid7. In part, that's because at about the same time, the world's largest meat producer, JBS, got hit by ransomware, driving up food prices. Also hit was Ireland's health system, which disrupted patient care for months. In response, governments quickly began to treat ransomware as a national security threat.

"So all of a sudden, you're seeing this very, very, very senior-level government response. You're seeing an international collaborative response. You're seeing governments look at what policy approaches they can take," she says. "We've seen sanctions since then. We've seen a lot of discussion around how you tackle the problem of safe havens. We've seen more collaboration on law enforcement, including takedowns, for some of the big groups."

In this video interview with Information Security Media Group, Ellis discusses:

  • Why Colonial Pipeline and contemporaneous attacks turned out to be a watershed event in the history of ransomware;
  • The ongoing impact and role of the international Ransomware Task Force working group launched in 2020;
  • How ransomware attacks continue to evolve and the likely impact of the Russia-Ukraine war on cybercrime.

Ellis is vice president of community and public affairs at Rapid7 and co-chair of the Ransomware Task Force created by the Institute for Security and Technology. Her primary focus is on advancing cybersecurity for all by building productive collaboration between those in the security community and those operating outside it. She works extensively with security researchers, technology providers and operators, and various government entities to help them understand and address cybersecurity challenges. Previously, she has served as a nonresident senior fellow with the Atlantic Council's Cyber Statecraft Initiative and testified before the U.S. Congress, and she regularly speaks at cybersecurity events (see: 17 Scenes From the IRISSCON Irish Cybercrime Conference).

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.