The hacker group Darkside broke into Colonial Pipeline last month and disrupted fuel supplies to the U.S. Southeast using only one password. In a seemingly savvy PR move, the hacker group later apologized for its tampering, saying it was an apolitical group and its intention is “to make money and not creating problems for society.”
The level of sophistication of these hackers is a force to be reckoned with, said Poppy Gustafsson, CEO of Darktrace, a company that provides services to protect businesses from cyber threats.
While speaking Wednesday at Fortune’s Global Forum conference, she said that the Colonial Pipeline hack demonstrates a notable shift: “You suddenly see these modern business practices from the legitimate world crossing over into this criminal world.”
Gustafsson notes that hackers come in all shapes and sizes, from “classic bedroom hackers that are looking to exploit and showcase their skills” to “very sophisticated, nation-state attacks, that are using really dynamic attack technology,” which will burrow its way into an organization and evolve as it attacks.
Then, in the middle, there are “businessified criminal gangs” that “break into organizations for their own financial gain, as was the case of the Colonial Pipeline attack,” she said, adding that these groups are so well established that they sometimes have their own graphics departments, marketing teams, and PR messaging.
The big lesson for companies, said Gustafsson, is that these attacks can and do happen all the time, whether it’s one password vulnerability or human error or people trying to deal with the modern complexities of new technologies, “there is always a single reason.”