Breached account led to Colonial Pipeline shutdown, cybersecurity firm says

The hackers got the password and the username, and the network did not require multifactor authentication

Hackers who got into a remote-access account protected by nothing more than a single password were able to interrupt operations at Colonial Pipeline, one of the largest pipeline systems for refined oil products in the U.S., a cybersecurity expert says.

Criminals used a virtual private network (VPN) account to access the company’s systems, Mandiant senior vice president Charles Carmakal told Bloomberg, and FOX Business confirmed this with the company. The account was used to access the company’s systems on April 29.

The password to the account was found alongside other leaked data on the dark web, the company said, though it is not clear how the hackers obtained the password or the username.

Carmakal, who helped Colonial Pipeline with its response to the attack, said that the company’s network did not require multifactor authentication for the account.

After tracing the criminals’ movements within the network, Mandiant’s executives believe the hackers did not reach other operational systems, including those that control the flow of fuel.

The pipeline was shut down on May 7, crippling supply to East Coast retailers, some of which rely heavily on Colonial Pipeline’s fuel. The company says it provides roughly half of fuel supplies for the East Coast.

The company paid $4.4 million in ransom to the hackers, who are believed to belong to the DarkSide criminal enterprise, which is likely based in Russia.

It took nearly a week for pipeline operations to fully resume, during which time some regions in the U.S. experienced fuel shortages, and the price of gasoline climbed.

Congress is expected to hold a hearing featuring Colonial Pipeline CEO Joseph Blount next week. The company has come under criticism from lawmakers who believe firms should not pay ransom to free their systems.

Earlier this week, the world’s largest meatpacker, JBS, suspended operations after it suffered a ransomware attack that is believed to be linked to a group in Russia.