Florence, South Carolina 2021-06-09 05:38:04 –
Charlotte, NC (FOX 46) – The CEO of Colonial Pipeline apologized and defended the company's response to a cyberattack that disrupted the East Coast fuel supply, speaking at a Senate hearing on Tuesday.
Joseph Blount’s testimony came weeks after a panic at the pump in which more than 70% of North Carolina gas stations were closed.
“We deeply apologize for the impact of this attack,” Blount said. “There were cyber defenses, but unfortunately those defenses were breached.”
Blount said the decision to pay a $4.4 million ransom and keep it secret was one of the most difficult decisions to date. The FBI’s position is that ransoms should not be paid, because paying encourages further hacking.
Federal authorities have been able to recover $2.3 million of the cryptocurrency paid to an international extortion group known as Darkside.
“This attack forced us to make difficult real-time decisions that no company would want to face,” said Blount. “But with the pipeline restored and safe to operate, we are proud of how our people responded quickly to contain the attack.”
The decision to pay the hacker was made on the first day of the hack, Blount said, adding that the price was negotiated and paid on the second day.
“We know how important our pipeline is to the country,” he said. “And I put the interests of the country first.”
According to Blount, Darkside got in through a compromised password on an old virtual private network that lacked the two-factor authentication used by the company’s regular VPN.
“The exploited legacy VPN profile wasn’t intended for use,” said a spokeswoman for the company. “The intended security protocol set in the current VPN profile was not found.”
A few months before the attack, Colonial Pipeline posted a job opening for a “Cyber Security Manager.” It also addressed a fuel leak of at least one million gallons in Huntersville.
A spokeswoman for the company said, “The cybersecurity position was not created as a result of recent ransomware attacks. We are part of our long-term talent growth strategy in all functional areas of our business. We have several positions open because we are constantly recruiting top talent. One example is the position to support cybersecurity. This is an addition to our efforts to continue building our current cybersecurity team. It’s the role you’re trying to do.”
“Have you planned for a cybersecurity response that includes guidance on ransomware?” asked Senator Maggie Hassan of New Hampshire.
“Senator, specifically no,” Blount said. “There is no discussion about ransom and ransom behavior.”
“I don’t think it’s acceptable to understand the important properties of a product,” Hassan said. “But then the preparations and systems to protect the product as if it were a critical infrastructure are actually not in place.”
“Senator, we take cybersecurity very seriously,” Blount replied.
The company states that the hack did not affect spill cleanup operations in Huntersville.
“The Colonial product recall and remediation efforts in Mecklenburg County were unaffected by a cybersecurity attack on us,” a spokeswoman for the company said. “The most important aspect of our response: protecting public safety, restoring the natural environment and restoring free products is ongoing and operates 24 hours a day, 7 days a week.”
Chris Furtick, a Charlotte cybersecurity expert at Fortalice Solutions, says it’s important to ensure that your system is protected.
“Passwords are an old technology, but now they’re obsolete,” says Furtick. “Multi-factor [authentication] is a way to make all kinds of remote connections. However, it is also recommended for those who have email or financial login.”
Blount said he hired an expert to help improve cybersecurity, but said there was no sign that Darkside could control the pipeline itself. At least one lawmaker said the risk is more than financial damage, expressing concern that this could be a vulnerability for anyone who wants to cause damage.
South Carolina Rep. Ralph Norman will question Blount at a House hearing on Wednesday. He says Congress needs assurance that critical networks are being strengthened to prevent future attacks.
A spokeswoman for Colonial Pipeline said, “We have taken cybersecurity seriously, but we are committed to strengthening our efforts given the evolving nature of this incident and threat. We hired Mandiant’s industry leader, Rob Lee of Dragos, a world-class OT expert, and John Strand of Black Hills Security, another renowned expert in cybersecurity, to investigate incidents as well as an overall assessment of our approach to cyber security. Guidance provided by this best-in-class team of experts facilitates our focus and relevant investments to strengthen our defenses.”
Ralph Norman’s reaction
Congressman Ralph Norman (R-SC), a member of the House committee questioning Mr. Blount on Wednesday, sent the following statement to FOX 46:
“Recent cyberattacks, including attacks on the Colonial Pipeline last month, should shock every corner of our country. Cybersecurity is a daunting task and not all attacks can be prevented. But organizations that fail or reject strong cybersecurity efforts should not be surprised at the next victim, as an important issue. Congress will affect the lives and safety of Americans as much as possible. We need a guarantee that the giving network is reinforced against this type of attack.”
See the full text of the hearing here.
Read the DOJ news release here.