All companies want to ensure that their data is secure and private. While we do not imagine that a cyberattack could happen to our business, it is extremely possible without the proper security measures in place. Therefore, you should focus on your cybersecurity and secure your network with multi-factor authentication.
Cyberattack on The Colonial Pipeline
At the beginning of May, a malicious hacker group focused on advanced persistent threats infiltrated the Colonial Pipeline’s computer network. Their intent was to extort the massive company for ransom money. This cyberattack forced them to shut down the entire pipeline to save them from any further damage. The pipeline CEO was forced to pay the ransom of $4 million in cryptocurrencies to regain access and get operations back to work. After further investigation, it was found that one account did not utilize multi-factor authentication, thus giving the hackers access to the systems through this account. And now a month later they are still working to bring some of their systems back online.
This story is an important learning experience for companies to become more aware and increase their security practices. Cyberattack of large and small scales happen every day; and you never know when or if it will happen to you until it happens.
Multi-Factor Authentication
Multi-factor authentication is one of the few minimum-security practices that we recommend all companies should have in place. Two-factor authentication requires users to have a second device connected to their accounts. Typically, they are in the form of an app or a code sent to a connected phone number. PIN numbers are the most common form of two-factor authentication in most everyone’s day-to-day operations. When using two-factor authentication, someone attempts to login, the system will flag it, and require either a code, fingerprint, or faceID from either an app or a text. When the ‘hacker’ does not have the code, they will be kicked from the login and the original account owner will be notified. The codes typically reset after 30 seconds so no two codes will be the same, ensuring even more security.
Without two-factor authentication hackers can simply use a password cracking code to hack into the account; which is exactly what happened to the Colonial Pipeline systems.
If you would like to read more about the Colonial Pipeline Cyberattack or Multifactor Authentication, we have included some links that contain more information below.
Colonial Pipeline Ransomware Attack