Single password gave Colonial Pipeline hackers access

Reuters Videos

Updated June 8, 2021 at 7:07 PM

JOSEPH BLOUNT: “I believe with all my heart it was the right choice to make.”

Colonial Pipeline CEO Joseph Blount on Tuesday defended his decision at a Senate hearing to pay ransom to hackers who caused the most disruptive U.S. cyberattack on record, adding that they were able to get into the system because the company did not have a multifactor authentication in place.

SENATOR PORTMAN: "Prior to the attack, did your company require all employees to use multifactor authentication?"

JOSEPH BLOUNT: "Ranking member Portman, in the case of this particular legacy VPN, it did only have a single factor authentication. It was a complicated password. So I want to be clear on that. It was not a 'Colonial123' type password."

SENATOR PORTMAN: "So would your advice going forward be that multifactor authentication ought to be used?"

JOSEPH BLOUNT: "Ranking member Portman, that's absolutely the correct advice."

Security experts recommend two-factor authentication, which requires a secondary measure like a mobile text or hardware token, and most major companies require this.

The FBI attributed last month’s hack – which disrupted fuel supplies to the U.S. Southeast and caused a days-long shutdown that led to a spike in gasoline prices and panic buying – to a Russia-based cybercrime group called DarkSide.

Colonial Pipeline paid the hackers nearly $5 million dollars to regain access.

But The Justice Department on Monday said it had recovered some $2.3 million dollars in cryptocurrency ransom paid by the company.

The DOJ has urged companies to inform authorities whether they paid ransom to cyberattackers.

But during Tuesday’s hearing, Blount said he believed that the issue of paying the ransom did not come up in conversations with the FBI the day of the attack.

PORTMAN: “What did the FBI tell you? What did they advise you to do in regards to paying the ransom?”

JOSEPH BLOUNT: “Ranking member Portman, I believe I was not involved in those conversations with the FBI, but in discussions with my team, I don’t believe that the discussion about the ransom actually took place the first day May 7th, but I do agree that their position is they don’t encourage the payment of ransom, it is a company decision to make.”

PORTMAN: “So you knew what their advice was going to be even though they didn’t provide it that day?”

JOSEPH BLOUNT: “Ranking member Portman, yes sir we did.”

Blount said even after getting the key from the hackers, the company is still recovering from the attack.

SENATOR PETERS: “How long do you think it’ll take for you to be 100 percent?”

JOSEPH BLOUNT: “I think what a lot of people don’t realize with cyberattacks and the repercussions of a cyberattack is that it takes months and months and in some cases, what we’ve heard from other companies that have been impacted years to restore your systems. Our focus that first week was to restore the critical systems that we needed on the IT side in order to safely and securely bring our pipeline system back up.”

Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Sports
Caitlin Clark catches fire from 3 in WNBA preseason; Arike Ogunbowale's late heroics send Wings past Fever
Caitlin Clark’s WNBA preseason debut went much like her senior year at Iowa. She hit a bunch of 3s and did so in front of a sold-out crowd.
Yahoo Sports
NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?
Which teams did the best in the NFL Draft?
Yahoo Sports
2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick
Yahoo Sports' Charles McDonald breaks down the Broncos' 2024 draft.
Yahoo Sports
No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it
The quality was choppy, but it was better than what the WNBA had.
Yahoo Sports
Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race
Race organizers say they'll revoke a Trump fundraiser's suite license if he holds an event for the former president on Sunday at the race.
Yahoo Sports
Kentucky Derby: Mystik Dan wins in three-horse photo finish, outruns favorite Fierceness in stunning upset
The 150th Kentucky Derby produced yet another magnificent two-minute spectacle.
Yahoo Sports
New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal
It turns out the money was going from Ohtani's bank account to an illegal bookie to ... casinos.
Yahoo Sports
NFL Draft grades for all 32 teams | Zero Blitz
Jason Fitz and Frank Schwab join forces to recap the draft in the best way they know how: letter grades! Fitz and Frank discuss all 32 teams division by division as they give a snapshot of how fans should be feeling heading into the 2024 season. The duo have key debates on the Dallas Cowboys, New York Giants, New Orleans Saints, Los Angeles Rams, New England Patriots, Las Vegas Raiders and more.
Yahoo Sports
The best RBs for 2024 fantasy football according to our analysts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Lakers fire head coach Darvin Ham after just 2 seasons, latest playoff series loss to Nuggets
Despite a trip to the Western Conference finals in his first season with the team, the Lakers are now ready to look for a replacement for Darvin Ham.
Yahoo Finance
CVS stock plunges after earnings numbers one analyst 'did not even believe'
CVS warns it could cede Medicare Advantage market share as reimbursement rates pressure the company.
Yahoo Sports
Caitlin Clark catches fire from 3 in WNBA preseason debut; Arike Ogunbowale's late heroics send Wings past Fever
Caitlin Clark’s WNBA preseason debut went much like her senior year at Iowa. She hit a bunch of 3s and did so in front of a sold-out crowd.
Yahoo Sports
Diana Taurasi’s trash-talking, in-your-face ways may be a bit of a shock to new WNBA fans
Caitlin Clark fans beware: You never know what the 20-year veteran might say … or do.
Yahoo Sports
Wide receiver rankings for fantasy football 2024
The Yahoo Fantasy football analysts reveal their first wide receiver rankings for the 2024 NFL season.
Yahoo Life Shopping
Does castor oil really help with hair growth? We asked the experts, and their answer may surprise you
It's inexpensive, but is it effective? Dermatologists' verdict is in — and it's unanimous.
Yahoo Sports
Tight end rankings for 2024 fantasy football 2024
The Yahoo Fantasy football analysts reveal their first tight end rankings for the 2024 NFL season.
Yahoo Sports
WWE Backlash France 2024 results, grades and analysis: Cody Rhodes defeats A.J. Styles in first title defense
The Lyon, France crowd was electric start-to-finish in WWE's first major event since WrestleMania 40
Autoblog
EVs are the most expensive vehicles to operate over 1,000 miles, according to iSeeCars
iSeeCars calculated the cost to operate vehicles with different fuel types, finding that EVs are significantly more expensive than others.
Yahoo Sports
Ex-Florida State QB and 1999 Fiesta Bowl starter Marcus Outzen dies at 46
The Seminoles lost 23-16 to Tennessee in the first-ever BCS title game.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Single password gave Colonial Pipeline hackers access

Recommended Stories

Former NBA guard Darius Morris dies at 33

Caitlin Clark catches fire from 3 in WNBA preseason; Arike Ogunbowale's late heroics send Wings past Fever

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick

No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race

Kentucky Derby: Mystik Dan wins in three-horse photo finish, outruns favorite Fierceness in stunning upset

New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal

NFL Draft grades for all 32 teams | Zero Blitz

The best RBs for 2024 fantasy football according to our analysts

Lakers fire head coach Darvin Ham after just 2 seasons, latest playoff series loss to Nuggets

CVS stock plunges after earnings numbers one analyst 'did not even believe'

Caitlin Clark catches fire from 3 in WNBA preseason debut; Arike Ogunbowale's late heroics send Wings past Fever

Diana Taurasi’s trash-talking, in-your-face ways may be a bit of a shock to new WNBA fans

Wide receiver rankings for fantasy football 2024

Does castor oil really help with hair growth? We asked the experts, and their answer may surprise you

Tight end rankings for 2024 fantasy football 2024

WWE Backlash France 2024 results, grades and analysis: Cody Rhodes defeats A.J. Styles in first title defense

EVs are the most expensive vehicles to operate over 1,000 miles, according to iSeeCars

Ex-Florida State QB and 1999 Fiesta Bowl starter Marcus Outzen dies at 46