Colonial Pipeline C.E.O. Explains How Hackers Breached Its System
Cybercriminals gained access via an old virtual private network, allowing them to paralyze a critical U.S. fuel artery.
Colonial Pipeline chief says an oversight let hackers into its system.
Joseph Blount Jr., the chief executive of Colonial Pipeline, is sworn in. Credit: Andrew Caballero-Reynolds/Agence France-Presse — Getty Images
June 8, 2021, 12:14 p.m. ET
The top executive of the Colonial Pipeline told a Senate committee that an oversight appears to have allowed hackers into its computer systems and contributed to the paralyzing of the delivery of gasoline and other fuels up and down the East Coast.
Joseph Blount, the chief executive of the pipeline company, said the company believes that the criminal hackers infiltrated Colonial’s computers through an old virtual private network, commonly known as a V.P.N., “that was not intended to be in use.” He added, “We are still trying to determine how the attackers gained the needed credentials to exploit it.”
The V.P.N., a technology often used by companies to allow staff to access internal corporate networks from home, did not require multifactor authentication, a process through which a user is granted access to a computer system or application only after successfully presenting two or more pieces of information — security experts often refer to it as “something you know and something you have.” The first piece of information is often a password; the second can be a code sent to a cellphone, for example. Multifactor authentication has become increasingly common, and even free services like Gmail and Facebook offer it and encourage people to use it.
Democratic and Republican senators were largely sympathetic in their questioning of Mr. Blount and did not press him aggressively on the glaring vulnerability. Colonial operates a 5,500-mile pipeline network that delivers 100 million gallons of gasoline, diesel and jet fuel daily to gas stations, airports and other customers along the East Coast, supplying nearly half of the region’s transportation energy.
“We are deeply sorry for the impact that this attack had,” Mr. Blount said.
Mr. Blount said the company quickly notified the Federal Bureau of Investigation on the day of the attack and suggested the damage done to the pipeline could have been much worse had the company not paid a ransom to a criminal group called DarkSide that infiltrated its system.
The Justice Department said on Monday that it had seized more than half the ransom, which totaled more than $4 million worth of the digital currency Bitcoin.