The password had been linked to a disused virtual private networking account used for remote access, FireEye confirmed to CNN, and the account was not guarded by an extra layer of security known as multi-factor authentication. Bloomberg first reported the password vulnerability following interviews with Charles Carmakal, senior vice president at Mandiant — the forensic division of FireEye — and Joseph Blount, Colonial's CEO.
Colonial Pipeline did not respond to specific questions about its password security protocol at the time of the ransomware attack, but said that the password reset process and complexity standards are automated. The password that was used was part of a batch of leaked passwords found on the dark web, according to Bloomberg's interview with Carmakal. But it's unclear how the hackers got the credentials for the remote access account.
FREE Pro-tip to ‘Murican C-suites too cheap to hire IT security experts: 1 change your administrator ID to something besides ADMIN, and the password to something besides ADMIN or PASSWORD. You’re welcome.
America, due to the GQP, has been dragged back so far away from reality and the future and we’re all going to suffer...AND they LOVE IT!
Is this result to cover up the weaknesses of CP system?
Business Business Latest News, Business Business Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
The way to stop companies from getting attacked by ransomware is simple: outlaw ransom paymentsOpinion | The way to stop companies from getting attacked by ransomware is simple: outlaw ransom payments. By jbarro. jbarro They should just get Norton.
Source: BusinessInsider - 🏆 729. / 51 Read more »
Source: Forbes - 🏆 394. / 53 Read more »