Colonial Pipeline CEO, Joseph Blount appeared before the Homeland Security Committee on Tuesday. The U.S. Senate is investigating the May 7th ransomware attack on Colonial, the largest fuel pipeline in the U.S. They also talked about cyber threats to critical infrastructure.
The Ransomware Taskforce announced they were able to recover some of the ransom which was paid in bitcoin. Despite the success, the Senators had a lot of questions for Colonial Pipeline’s CEO and for their cybersecurity company, Mandiant.
The pipeline is the supply chain to 50% of the fuel the East Coast consumes. Blount assured the panel that Colonial ‘takes cybersecurity very seriously.”
Nevertheless, the DarkSide ransomware hackers successfully attacked Colonial’s computer network using a single compromised password.
Blount testified the attack was made using a legacy Virtual Private Network (VPN) network on a single password. And also claimed the password was ‘complex.’ Adding that, ‘It wasn’t just Colonial123.”
The VPN account, which allows employees to remotely access the company’s computer system should not have been open at the time of the attack.