The ransomware attack that cost Colonial Pipeline roughly $5 million and sent gas prices soaring seems to have been the result of a single stolen password. Charles Carmakal, a cybersecurity consultant who responded to the attacks for the company, told Bloomberg News the hackers used an employee’s credentials to access their virtual private network. From there, they had complete access to Colonial’s computer system, allowing them to force the company into paying a $4.4 million ransom and causing the first shutdown in the pipeline’s 57 years. That led to gas shortages across the country, leading to millions of dollars in expenses to get the pipeline up and running. Investigators aren’t sure where the hackers obtained the password, but the password was found on data leak lists on the Dark Web. The account also wasn’t protected with multi-factor authentication, and investigators do not know how the hackers got the correct username.
SOURCE: The Daily Beast – Corbin Bolies