Tech »  Topic »  Breached Colonial VPN password was complex, but reused

Breached Colonial VPN password was complex, but reused


The compromised VPN password that allowed DarkSide operators to get into Colonial Pipeline’s network had been used on multiple websites, according to new insights into the attack.

The revelation was made by Charles Carmakal, senior vice president and CTO at Mandiant, which is the incident response division of cybersecurity firm FireEye that has been roped in to assist with the investigation into Colonial’s ransomware attack.

Carmakar further shared that the password was “relatively complex….in terms of length, special characters and case set” as he addressed a House Committee on Homeland Security hearing on the cyberattack, together with Colonial Pipeline’s CEO, Joseph Blount.

Mandiant had earlier shared that equipped with the password the Colonial attackers wouldn’t have faced much resistance logging into ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE