Skip to Content



CEO of Darktrace weighs in on Colonial Pipeline attack

June 09, 2021 00:00 AM UTC
- Updated June 29, 2021 17:41 PM UTC

CEO Poppy Gustafsson discusses why cybersecurity should be top of mind for every CEO.

I want to start with something I saw this morning, we're all following the colonial pipeline attack and the follow from that watching Ceo say that, you know, the hackers kind of had to get through one password uh to make this happen. I wanted to ask you, how often does this happen? The one password it happens all the time, whether it's one password or whether it's just human error or whether it's people trying to deal with the modern complexity of all of these exciting technologies and they're under resource that shifting to the working from home. There's always a single reason that these attacks happened. But these single reasons are many and varied and what we're trying to do our best to protect what they might be and for in process is to prevent them, they are being exploited. And we see that time and again, whether it's things such as colonial pipeline or other less impactful but still very significant to those businesses attacks that happen day throughout the world. I saw another interview did you sort of mentioned some of the really wild ways that a company's could be attacked from the, you know, the peddlers in the parking lot to the casino fish tank. Really stuck out to me. It was one, I mean, what what's the craziest way that you've you've seen hackers gain access to company your system? I think it's just very, very wide and varied and put your eyes put your mind into thoughts of a security professional and they're trying to deal with protecting businesses that are increasingly complicated. Like think about this pandemic was all shifted to working from home and seeing these new exciting technologies or how technologies or whatever it is that they're using and it's their job to protect them. But you can't always imagine the ways that they will get exploited. So for example, the proliferation of things like IOT and he's very non traditional devices. These are introducing potential deficiencies and organizations. So for example, we've seen Kessler's parked in the office car park trying to, you know, the poor owners sort of using the company wifi to run the update or whatever it is that they're doing and they're potentially being leveraged to find their way into a business. We think I saw one really obscure example where it was a smart city in the U. S. And they had these amazing sort of parking meters that, you know, the ones that tell you when they're parking spaces available or not. And they're very intelligent and show us the park except a hacker has used that and broken into that and connected these parking meters into a pornography site. Why on earth would you do that? Like there's no even display on these that could display the pornography. But of course, it introduces a whole bunch of potential risk into that because of all the malware that we know exists on this. So you've got that real spectrum of your plastic bedroom hackers that are looking to exploit and showcase their skills, which I suspect was the case in the culture of the parking meters all the way for these very sophisticated nation state attacks that are using really dynamic attack technology, which is able to make its way into an organization and then worf and changes it, navigates its way through that business. Such that if you're trying to track it and identify it, it's constantly changing, constantly evolving that attack. And then you also see this middle piece which is this very, very business abide. Criminal gangs are breaking into organizations for their own financial gain as this case, in terms of the colonial pipeline attack.