June 11, 2021

Pipeline Update

Contigo Technology


The FBI investigation report has been released detailing the events of the hack that took place. Here’s what we learned.

Around April 29th, the hacker group known as DarkSide gained control of the Colonial Pipeline through an old VPN account that did not have Multi-Factor Authentication. The VPN account's credentials and passwords had previously been leaked on the dark web, giving easy access to the company's network. This ransomware attack cost the company $4.4 million.
How does Contigo Technology prevent similar cyberattacks?

To start, we have proactive software monitoring the dark web for your stolen credentials. This is the first line of defense to prevent breaches. Second, Contigo Technology strongly encourages all our clients to sign up for MFA and 2FA; if the Colonial VPN account had had MFA, they would have been notified of the login attempt. Lastly, it is highly speculated that the account used to breach Colonial Pipeline's network was an old account that had never been deactivated. This means it was an account that was not monitored daily and had been completely forgotten about. As soon as Contigo Technology is notified of a user deactivation, we immediately take the account off the network. Accounts that need to be deactivated can be seen as high risk, considering the many threats that can be posed by a former employee.

Contigo Technology's cybersecurity posture is strong and resourceful. Protecting and growing your Austin business is our number one priority. To learn more, please visit our website.