BlackBerry: Hacked VPN Password Behind Colonial Pipeline Attack
Following recent Bloomberg research, we now know that the Colonial Pipeline cyberattack was triggered by a cracked VPN password. But the story doesn’t end there. Unfortunately, it was a string of minor cybersecurity flaws that allowed cybercriminals to easily infiltrate the company’s computer systems.
So far, no evidence of phishing has been found; however, the password was found on the darknet, and VPN access was not secured by either continuous authentication or two-factor authentication. Continuous authentication, however, is a much safer and more reliable solution than a VPN!
Analysis by Adam Bangle, VP EMEA, BlackBerry:
“Unsurprisingly, the VPN password was the source of the attack on the Colonial Pipeline. Basically, VPNs are insecure, not least because of their static approach to authentication and access permissions. If you have a password, it is assumed that you are safe for the duration of the connection, whether you are a real user or a cybercriminal.
From now on, it is best to implement a zero-trust network access strategy and take a proactive approach to cybersecurity. Rather than directly securing the network, this approach ensures that all networks can only be accessed from healthy and reliable devices. It uses artificial intelligence to continuously analyze user behavior, device reliability, and network and application access methods, which can immediately protect the work environment in the event of suspicious elements.
In addition, passwords are often considered a security risk. In addition to making it harder for hackers to crack passwords or keep them out of the dark web, IT teams need to leverage advanced AI, continuous authentication, and functionality. Configure a reliable TCP/IP layer to secure communications and lock the user account at the first sign of a cyberattack.”