A single password is all hackers needed to take down Colonial Pipeline


563
563 points


A single password… that is all it took to bring down most of the fuel supplies to the US Southeast, with Colonial Pipelines claiming it was the victim of a vicious cyberattack.

We then heard that Colonial Pipeline CEO Joseph Blount approved paying $4.5 million in Bitcoin to the ransomware hacking collective DarkSide, and then the US Department of Justice announced the FBI had “recovered most” of the $4.5 million ransomware payment.

But it was all from a single password, with the attack using a legacy Virtual Private Network (VPN) system that didn’t have two-factor authentication. Colonial Pipeline CEO Joseph Blount said: “In the case of this particular legacy VPN, it only had single-factor authentication. It was a complicated password, I want to be clear on that. It was not a Colonial123-type password“.

READ More:  Uh, so the default Windows 11 wallpapers are amazing

Senator Gary Peters said: “I’m alarmed this breach ever occurred in the first place. Make no mistake: if we do not step up our cyber security readiness, the consequences will be severe“.

Once again, it seems like the perfect attack to warrant a clamping down on both cybersecurity nationwide, as well as cryptocurrency. A single password, a gigantic percentage of fuel supplies to the United States and millions of Americans affected, the FBI tracking and securing Bitcoin from hackers while the exchange dismisses that the FBI even did that… yeah, let’s go into that.

Source link


Like it? Share with your friends!

563
563 points