Colonial Pipeline Hackers Used Compromised Password To Gain Access To Network

The source of the Colonial Pipeline cyberattack has been revealed. According to the company and FireEye, a cybersecurity firm the company hired to investigate the attack, hackers gained access to the network's computer system using a compromised password. The password had been linked to an unused virtual private networking account used for remote access, and the account was not guarded by an extra layer of security known as multi-factor authentication. It is unknown how the hackers got hold of the compromised credential, but the attack led to the shutdown of one of America's most important fuel distribution companies, causing panic buying that lasted a few weeks here in the South.

Now, Energy Secretary Jennifer Granholm has issued a warning about the U.S. power grid, which is 'vulnerable' to ransomware attacks. Granholm said the Transportation Security Administration, which regulates pipelines, is also requiring companies to report when attacks are happening in real time. The warning comes after the rise in cyberattacks created a sense of urgency for the Biden administration. Last week, the White House issued a letter to companies calling on them to take the threat of ransomware attacks more seriously.