The road to cybersecurity - follow Policies
The road to cybersecurity - report it
Follow policies and procedures

This week, read about how one employee helped make a difference by taking quick action.

Colonial Pipeline attack — Ransomware

A little before 5 a.m. on May 7th, 2021, an employee at the Colonial Pipeline noticed a ransom note on the computer, demanding cryptocurrency. This employee followed the company’s policies and procedures and immediately reported the situation.

The Colonial Pipeline attack might be one of the largest and most impactful cyberattacks in history. It started when the hackers gained access to the Colonial Pipeline networks by using a leaked password to enter the company’s VPN (virtual private network).

  • The VPN did not use multi-factor authentication, a cybersecurity tool that adds an additional layer of protection.
  • After extensive research, they found no evidence of a phishing attack. This led them to believe that the password used was the same password for another account that had been previously hacked.
  • One of the country’s largest pipelines was shut down, impacting gasoline accessibility and prices for about two weeks.
  • What is a ransomware attack? A ransomware attack is when hackers gain access to an organization’s system, encrypt and lock all of the data and then demand payment.