4 Ways to Avoid the Next Colonial Pipeline Cyberattack

May 2022 marked the first anniversary of the largest publicly disclosed cyberattack against critical infrastructure in the U.S.—the attack on the Colonial Pipeline.

The devastating attack served as a cautionary tale of poor security hygiene, revealing how something as simple as reusing a single password or switching off multifactor authentication could have consequences as far-reaching as the shutdown of a major U.S. gas pipeline, affecting thousands of people.

Lessons Learned From Colonial Pipeline Cyberattack

However, the Colonial Pipeline attack was not the first (and, unfortunately, will not be the last) of its kind, as poor or reused passwords remain the root cause of over 80% of breaches and last year’s astounding 105% increase in ransomware attacks.

As we reflect on the lessons learned from the Colonial Pipeline cyberattack, here are the top four tips on how to better prevent your company from being attacked in a similar fashion:

1. Basic Password Guidelines Leave You Vulnerable to Cyberattacks

Basic password guidelines like using a mix of capital letters, numbers and special characters are outdated. In fact, recent research found that 41% of passwords used in attacks are 12 characters or longer and 68% include at least two character types. So, while not using your dog’s name or the name of the street you grew up on might be a no-brainer, you are still not protected even if you add two exclamation points with an underscore.

Rather than choosing a single word, use a passphrase—three random words (or more!) that are easy for you to remember but won’t be easily guessed by someone else.

2. One Size Does Not Fit All in Security

Password reuse has become a serious problem and yet, we see it happen time and time again. A representative from Mandiant, the cybersecurity firm in charge of investigating the Colonial Pipeline attack, attributed the breach to an employee using the same password for a Colonial Pipeline VPN and for another account that was compromised in a breach.

Reused passwords are extremely vulnerable: they are recycled across various personal and professional platforms and tend to follow typical patterns and themes at the point of creation. Hackers know people reuse passwords, so reused passwords are more likely to end up in leaked password dumps, which are then used in brute-force attacks on corporate networks. One way to combat this is to check passwords against breached password lists; there are tools that offer this service and even notify you when a password has been compromised in a breach.
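The breached-list check described above, sketched as an added example (not code from the original article or from any vendor's tool). It uses the k-anonymity range-query pattern popularized by Have I Been Pwned's Pwned Passwords service, in which only the first five hex characters of the SHA-1 digest leave the client; the corpus, counts and `range_lookup` service stub are constructed so the block runs offline.

```python
import hashlib

# Constructed stand-in for a breached-password corpus (not real breach data).
BREACHED_SAMPLE = {"Password1!": 5120, "Summer2021!!_": 37, "colonial123": 4}

def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def build_range_index(corpus: dict) -> dict:
    """Group breached digests by 5-char prefix, as a range-query service would."""
    index = {}
    for password, count in corpus.items():
        digest = sha1_hex(password)
        index.setdefault(digest[:5], []).append(f"{digest[5:]}:{count}")
    return index

RANGE_INDEX = build_range_index(BREACHED_SAMPLE)

def range_lookup(prefix: str) -> str:
    """Hypothetical service side: it only ever sees the 5-character prefix."""
    return "\n".join(RANGE_INDEX.get(prefix, []))

def breach_count(password: str, lookup=range_lookup) -> int:
    """Client side: send the prefix, match the remaining 35 characters locally."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in lookup(prefix).splitlines():
        candidate, _, count = line.partition(":")
        if candidate.strip() == suffix:
            return int(count)
    return 0

def accept_new_password(password: str, min_length: int = 12):
    """Policy gate for a password-change flow: length first, then breach check."""
    if len(password) < min_length:
        return (False, "too short")
    hits = breach_count(password)
    if hits:
        return (False, f"seen {hits} times in breach data")
    return (True, "ok")

if __name__ == "__main__":
    # 13 characters and three character types, yet rejected because it leaked.
    print(accept_new_password("Summer2021!!_"))
    print(accept_new_password("maple-trombone-orbit-kayak"))
```

To use a real service or a local hash file, pass a different `lookup` callable that returns `SUFFIX:COUNT` lines for a prefix.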

3. Take the Burden Off Employees

It’s common to see IT departments relying solely on end-user education rather than implementing tools that help enforce security best practices. While an engaging security training program is critical to helping employees recognize potential red flags, it is equally important to have tools in place that enforce cybersecurity protections in a user-friendly manner.

For example, password managers can eliminate the need for employees to remember a multitude of passwords and can check whether a password has been breached. Further, taking the burden off employees to remember their passwords makes it easier for them to choose stronger passwords.

Additionally, since even the best passphrase can still be leaked, it’s important that businesses implement additional safeguards, such as multifactor authentication, to add a second layer of security.

4. Take Inventory of Your Assets

It’s critical for businesses to understand the devices and threats that exist on their network. Companies tend to overlook not only that IoT devices are part of the network but also how many devices can exist on it. In 2021, IoT Analytics expects the global number of connected IoT devices to grow 9% to 12.3 billion active endpoints. By 2025, there will likely be more than 27 billion IoT device connections. Monitoring the devices on a network and maintaining an accurate inventory of assets is crucial to establishing a strong security posture, because it only takes one vulnerable device to open the door for hackers to break into an organization’s entire network.
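One way to keep the inventory honest, as an added example that is not part of the original article: reconcile the recorded inventory against what a gateway actually sees on the wire. The CSV layout, device names and the `ip neigh`-style neighbor table below are constructed sample data.

```python
import csv
import io

# Constructed inventory export (MAC case deliberately inconsistent).
INVENTORY_CSV = """mac,name,owner
AA:BB:CC:00:00:01,hr-laptop-01,IT
aa:bb:cc:00:00:02,lobby-camera,Facilities
aa:bb:cc:00:00:03,plant-hmi-02,OT
"""

# Constructed output in the format printed by `ip neigh show` on Linux.
NEIGH_OUTPUT = """\
10.0.0.11 dev eth0 lladdr aa:bb:cc:00:00:01 REACHABLE
10.0.0.12 dev eth0 lladdr aa:bb:cc:00:00:02 STALE
10.0.0.40 dev eth0 lladdr de:ad:be:00:00:99 REACHABLE
10.0.0.41 dev eth0 FAILED
"""

def load_inventory(text: str) -> dict:
    """Map normalized (lowercase) MAC address -> inventory row."""
    reader = csv.DictReader(io.StringIO(text))
    return {row["mac"].strip().lower(): row for row in reader}

def parse_neighbors(text: str) -> dict:
    """Map MAC -> IP for every neighbor entry that resolved to a MAC."""
    seen = {}
    for line in text.splitlines():
        fields = line.split()
        # FAILED/INCOMPLETE entries carry no lladdr and are skipped.
        if "lladdr" not in fields:
            continue
        idx = fields.index("lladdr")
        if idx + 1 < len(fields):
            seen[fields[idx + 1].lower()] = fields[0]
    return seen

def reconcile(inventory: dict, seen: dict) -> dict:
    """Unknown = on the network but not inventoried; missing = the reverse."""
    unknown = {mac: ip for mac, ip in seen.items() if mac not in inventory}
    missing = sorted(r["name"] for mac, r in inventory.items() if mac not in seen)
    return {"unknown": unknown, "missing": missing}

if __name__ == "__main__":
    report = reconcile(load_inventory(INVENTORY_CSV), parse_neighbors(NEIGH_OUTPUT))
    print(report)
```

Unknown entries are candidates for investigation; missing entries may be powered-off devices or stale inventory records that should be retired.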

Ultimately, no organization is completely safe from cybercriminals. Whether you are a critical infrastructure operator, a government organization, or a small business, you could be the next target of a cyberattack. And while the consequences may not be as dire as those of Colonial Pipeline’s hack, they can still be costly and devastating for businesses of all kinds. It’s important to remember that the Colonial Pipeline attack all started with something simple—a weak password. If everyone puts forth the extra effort to implement stronger passwords and network security, it will go a long way toward protecting both company and personal assets.

Darren James

Darren James is a Product Specialist and cybersecurity expert at Specops Software. He works as a lead IT engineer to help customers reduce costs, improve security and increase productivity. He holds Microsoft certifications within IT Service Management, O365, Enterprise Administrator, Server Administrator, and Security. Darren has more than 25 years’ experience working in technical IT roles, centering around Active Directory, IT security, cloud, larger-scale migrations, integrations and identity and success management.
