Jonathan Trimble said, “smaller businesses are particularly vulnerable to the increasing wave of cyberattacks, though it isn’t the ransom itself which would hurt most.” KENS 5 San Antonio reports that The FBI confirmed a Russian group known as Darkside orchestrated the ransomware attack on Colonial Pipeline. On Friday, the cybercrime group locked up the company’s computer system and demanded a ransom.

Colonial Pipeline delivers about 45% of the east coast’s fuel supply. As the company shut down operations to investigate the disruption, fuel prices began spiking, and people began hoarding gas in multiple states.

The fear surrounding the gas shortage even spilled into Texas. KENS 5 obtained a video of lines of drivers waiting to fill up at a gas station in the Rio Grande Valley.

Jonathan Trimble, the founder, and CEO of Bawn, a security firm which protects businesses across Texas, shared insight on the attack. Before he launched his company, he served 24 years in the FBI, where he was chief technology officer of the bureau’s information management division.

He also supervised a number of criminal matters, including corporate fraud, identity theft, narcotics, child abductions, and computer crime. Trimble said, “for the past 20 years, cyberattacks have continued to rise.”

“If this can happen to a large organization that they know plays a critical component in the nation’s economy, that type of event can happen to any type of business,” warned Trimble.

The energy grid and water supply in the nation barely have federally mandated cybersecurity protections. Trimble said, “when it comes businesses that are left to defend themselves, a ransom isn’t what may be the costliest consequence—it’s the fallout from a potential work stoppage.”

“From a company standpoint, it’s a business decision. How much pain can that organization endure?” Trimble said. “The scariest statistic that I see is that 60% of small businesses that are hit by a cyberattack within six months are forced to shutter their businesses because of the cost of that cyberattack.”

The FBI confirmed it is working with the Colonial Pipeline to investigate the cyberattack. As for other businesses that don’t have a squad of federal investigators, Trimble advises owners to make security plans now.

“The best way to address that is to get ahead of that before it happens, because if they wait until it happens and after they’re hit by an attack? There’s not much anyone can do to help them,” he said.

Colonial Pipeline restarted operations late Wednesday afternoon but said in a statement it will take several days for deliveries to return to normal. The company did not give an update on the ransomware investigation.