A single password steal is said to have led to Colonial Pipeline Cyber Attack says Joseph Blount, the CEO of the fuel supplying company based in South East Coast.
Reiterating the same that was said to the US Senate Committee last week, Blount stated that the Colonial Pipeline attack took place because the company was using a legacy VPN system that did not have a 2FA in place. And so the hacker accessed the network just by stealing the password via a phishing email.
That means the Colonial Pipeline Shut Down took place when a hacker logged into the Virtual Private Network with a single authentication and disrupted the fuel supply operations to the core by injecting a file-encrypting malware.
DarkSide Ransomware spreading hacking group was involved in the incident and that was confirmed by the CEO.
Note 1- After the Colonial Pipeline Hack, Biden led government took a special initiative to check down the facts related to the incidents and it was revealed that the ransomware oil refinery operator paid $4.4 million in bitcoins to free up the database from malware, as the data recovery process proved tedious, time-consuming and highly expensive.
Note 2- On June 6th,2021, the US Congress committee appointed a special panel to examine the threat on the critical Infrastructure being operated in the US and has urged all the companies to step up their security measures against all variants of Cyberattacks including ransomware.
Note 3- Early this week, a joint operation launched by the Australian Police in association with the US FBI recovered more than half of the ransom amount paid to those spreading DarkSide Ransomware. This was possible when the law enforcement agencies from different parts of the world launched a joint operation to nab the criminals operating the server farms owned by DarkSide, therefore recovering money from their cryptocurrency wallets.