CEO Reveals How Easily Colonial Pipeline Hack Could’ve Been Avoided



The Colonial Pipeline hack might not have been the largest hack in recent memory (that title probably goes to the SolarWinds or Microsoft Exchange hacks), but it was the most disruptive.

Consumers panicked within days of the ransomware gang DarkSide breaching the country’s largest fuel pipeline. Gas prices skyrocketed. More than half of the gas stations in North Carolina ran out of fuel. In Raleigh, two people were charged with assault after arguing over their place in line at a Marathon station.

Gas prices soared immediately following the Colonial hack. | Source: AP News

Despite claiming they didn’t want to cause any problems, DarkSide still collected a ransom of nearly $5 million from Colonial.

And all of this could’ve been avoided if employees at the pipeline company had taken basic precautions to protect their accounts.

The Colonial Pipeline Hack Came Down to One Password

During an interview with US senators, the head of Colonial Pipeline revealed that hackers were able to breach his company by cracking one password.

Why? Because the breached account didn’t have a second layer of protection.

Colonial Pipeline Chief Executive Joseph Blount said the attackers got in through a virtual private network (VPN) that did not have multi-factor authentication.


Multi-factor authentication adds a second check on top of the password, typically a code sent to another device (usually a phone). After entering the normal password, the user must enter the code to access the account.

In this case, the hackers only needed to steal the regular password without worrying about the second form of authentication.
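To make the difference concrete, here is an added example (not code from the article or from Colonial Pipeline) that contrasts a password-only login with one that also demands a one-time code. It assumes an app-generated time-based code (TOTP, RFC 6238) instead of a texted code; the Account record, the login function and the sample credentials are hypothetical.

```python
import hashlib, hmac, os, struct, time
from typing import Optional

STEP = 30  # seconds each code is valid for (RFC 6238 default)

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time code for a given time step (RFC 6238 over RFC 4226 HOTP)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow hash; the iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class Account:
    """Hypothetical account record; totp_secret=None means password-only."""
    def __init__(self, password: str, totp_secret: Optional[bytes] = None):
        self.salt = os.urandom(16)
        self.pw_hash = hash_password(password, self.salt)
        self.totp_secret = totp_secret
        self.last_counter = -1                   # highest time step already used

def login(acct: Account, password: str, code: Optional[str] = None,
          now: Optional[float] = None) -> bool:
    now = time.time() if now is None else now
    if not hmac.compare_digest(hash_password(password, acct.salt), acct.pw_hash):
        return False
    if acct.totp_secret is None:
        return True                              # single factor: password alone is enough
    if code is None:
        return False                             # right password, no second factor
    current = int(now // STEP)
    for counter in (current, current - 1):       # tolerate one step of clock drift
        if counter <= acct.last_counter:
            continue                             # step already used: no replay
        if hmac.compare_digest(totp(acct.totp_secret, counter).encode(), code.encode()):
            acct.last_counter = counter
            return True
    return False

if __name__ == "__main__":
    stolen = "Xq7!constructed-sample-pass"       # constructed sample credential
    secret = b"12345678901234567890"             # RFC 6238 test secret, not a real key
    legacy, protected = Account(stolen), Account(stolen, secret)
    print("legacy VPN, password only:", login(legacy, stolen))
    print("MFA, password only:       ", login(protected, stolen, now=59))
    print("MFA, password + code:     ", login(protected, stolen, totp(secret, 1), now=59))
    print("MFA, same code replayed:  ", login(protected, stolen, totp(secret, 1), now=59))
```

With the stolen password alone, only the single-factor account opens; the protected account also rejects a code that has already been used.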

Blount said,

In the case of this particular legacy VPN, it only had single-factor authentication. It was a complicated password, I want to be clear on that. It was not a Colonial123-type password.

It’s great that the password was complicated; all passwords for sensitive accounts should be complex, long, and varied. But any account that contains sensitive information should always be protected with multi-factor authentication.

Senator Gary Peters, the committee’s chairman, said:

I’m alarmed this breach ever occurred in the first place. Make no mistake: if we do not step up our cybersecurity readiness, the consequences will be severe.

We cannot overlook that such disruptive consequences arose simply because a company lacked cybersecurity hygiene.

What Is Good Cybersecurity Hygiene?

The security of our personal assets and our nation relies on individuals’ ability to secure their online accounts properly. Cybersecurity is becoming more pressing than ever, and the population needs to become more educated.

Here are a few pieces of cybersecurity hygiene that we should all know and implement:

  • Take your passwords seriously. Passwords are your first line of defense. And for many people, they offer very little resistance. Don’t use personal information, predictable patterns, or the same password for different accounts. Create long, varied passwords with unpredictable patterns for sensitive accounts.
  • Enable multi-factor authentication. This should be step one whenever you open a sensitive account. Whether it’s your bank account or work account, always set up two-factor authentication (2FA) on any account containing your sensitive information.
  • Train employees. The number one way hackers infiltrate accounts is through phishing attempts. Train your employees to spot these imposter emails and ensure they know the basic tenets of cybersecurity hygiene.
  • Invest in cybersecurity software. A BullGuard survey found that one in three small businesses used free, consumer-grade cybersecurity software. That’s an unacceptable way to protect a business. Invest in high-quality anti-virus and encryption software to protect yourself and your company.
  • Consult with a cybersecurity expert. Talk with an expert to determine the best way to protect you and your business. And always have a plan in place if you are hacked.
