“ It was not intended to be in use, and has since been shut down,” Blount said.
Cyber expert updates Homeland Security
Charles Carmakal, Senior V.P. of cybersecurity at Mandiant described his firm’s response to the ransomware attack. And he says it’s still not confirmed how DarkSide obtained the password to the network.
The password for the VPN account had been previously compromised. It was leaked on the dark web.
Without multi-factor authentication, the Colonial system was at risk of attack. With sophisticated hackers, any system is not secure without two-factor authentication.
Security researchers suggest two-factor authentication to protect against hackers. It requires a second confirmation, in addition to a single password. And they often use a mobile text, hardware token, or even fingerprint across all internal applications. In fact, two-factor authentication should be a standard security precaution.
Blount defended his actions to pay the $4.4 million in ransom just hours after the ransomware attack. He claims it was ‘the hardest decision’ of his 39-year career. But he believes it was the right one.
