Tech »  Topic »  Colonial Pipeline CEO: Ransomware Attack Started via Pilfered 'Legacy' VPN Account

Colonial Pipeline CEO: Ransomware Attack Started via Pilfered 'Legacy' VPN Account


No multifactor authentication was attached to the stolen VPN password used by the attackers, Colonial Pipeline president & CEO Joseph Blount told a Senate committee today.

The recent ransomware attack that ultimately disrupted gasoline supply in parts of the Southeast last month started with the attackers somehow getting the password to an old VPN account, said the president and CEO of Colonial Pipeline in testimony today to the Senate Committee on Homeland Security and Governmental Affairs.

"In the case of this particular legacy VPN, it only had single-factor authentication," Joe Blount told the committee. "It was a complicated password — I want to be clear on that. It was not a Colonial123-type password."

He confirmed that the VPN was not protected with multifactor authentication and that the company still does not know how the attackers were able to access the account.

"Although the investigation is ongoing, we believe the attacker exploited ...


Copyright of this story solely belongs to darkreading.com . To see the full text click HERE