In May 2021, a ransomware attack shut down the Colonial Pipeline. This pipeline transports millions of gallons of fuel each day. It runs from Houston, Texas to New Jersey.   

In the following weeks, the government confirmed a cybersecurity executive order. They also paid—and then recovered—most of the ransom.

But as details come to light, ransomware wasn’t the only issue.

The other issue at hand? A single password was compromised. The CEO of Colonial Pipeline confirmed this during recent testimony. 

The attackers hacked the password to a dormant VPN account. There was no 2FA turned on. Instead, the bad actors were able to access Colonial Pipeline’s IT network. This hack happened after only single-factor authentication. 

Once attackers had access to the IT network, they were able to access its sensitive data.

The Colonial Pipeline attack brings to light a meaningful conversation. How can enterprises avoid such attacks? This specific attack highlighted how a security breach could briskly shut down OT. Organizations, especially those involved in national infrastructure, need to be diligent. 

For one, organizations should always practice multi-factor authentication. To grant access, multi-factor authentication requires two or more pieces of evidence.

Due to the nature of remote work, ransomware attacks have been on the rise over the last year. Because of this, enterprises need to address security gaps. 

61% of data breaches were from stolen credentials, according to Verizon. The prevalence of these breaches highlight the importance of strong passwords. For organizations, attackers only need one password stolen to do damage. 

To cover these security gaps, there are a few things organizations can do: 

• Consider increasing their investments in cybersecurity.
• Adopted a layered approach to security
• Update and maintain passwords