Operation of the largest fuel pipeline in the United States came to a screeching halt the morning of May 7, 2021, triggering fuel shortages across the entire East Coast and causing 100 gigabytes of the pipeline’s data to be held ransom for $4.4 million.
"By 6:10 a.m. the entire pipeline shut down," said Colonial Pipeline Co. CEO Joseph Blount.
All because of one compromised password.
On April 29, hackers found their way into the network through a virtual private network (VPN) account, which employees used to remotely access the company’s network. The hackers were able to breach Colonial’s network using a compromised username and password. Authorities are fairly certain the credentials were leaked on the dark web and not a result of a phishing scam.
Unfortunately for Colonial Pipeline, they didn’t have multi-factor authentication implemented.
In this post, we’ll dig into multi-factor authentication, why it’s so important and how you can get started with MFA at your organization.
What is Multi-Factor Authentication [MFA]?
Multi-factor authentication (MFA) is an authentication method that requires multiple verification factors to gain access to a resource like an application, online account, or VPN. MFA should be a key component of your password and identity management policy.
Chances are you’re already using MFA with your bank, credit card and investment accounts – if you haven’t logged in for a while or are logging in from an unrecognized device you’ll be sent a code to your cell phone or email to verify it’s you.
The three main multi-factor authentication methods are:
Something you know – Username and password
Something you have – Cellphone or security token
Something you are – Biometrics or trusted device
.png?width=600&name=Multi-Factor%20Authentication%20Infographic%20(1).png)
Why is MFA Important?
This blog is focused on protecting your company assets, but these methods are essential in protecting your personal assets as well. Criminals have become smarter and more innovative with their social engineering scams. Hackers are now targeting personal 401K and investment accounts and stealing hard-earned savings. Currently, Americans have over $33 trillion in retirement assets which is an irresistible target for cybercriminals. If you haven’t implemented MFA into your accounts, now is the time. Under your account, you likely have an option for security settings to implement Multi-Factor, 2 Factor or PIN code verification at each login. The few extra seconds are well worth it.
Implementing MFA into your organization’s security policy is also critical. Many business owners assume hackers only go after large well-known companies looking for a huge payoff. The truth is they don’t care. Hackers are lazy and they want to make money with the least amount of effort possible. They cast a very wide net and go after organizations that don’t follow cybersecurity best practices. According to the latest Microsoft report, 99% of compromised accounts did not have multi-factor authentication enabled.
Once inside your network, they look at your financials to determine what you might be willing to pay – we’ve seen ransomware requests from $100,000 up to $4 million. In the meantime, your data is encrypted with ransomware and your business is at a standstill. Even if the ransom is paid the IT work and expenses are just starting. Recovering your organization’s data and ensuring business continuity requires strategy and preparation so you can get back to business in hours, not weeks. Decryption keys are not perfect and rebuilding your network is often required, making ransomware incidents even more tenuous and complicated.
If you’re using Microsoft O365 at your organization, you’ll likely have MFA included. Depending on your licensing you may need to add a small monthly fee to add what’s called ‘conditional use’ – if employees are authenticated on the corporate network they don’t need to enter a code or use an authenticator app. A variety of other options are available to control all your applications such as Duo, AuthPoint, and RSA.
Multi-factor authentication is a great first step in protecting your organization’s assets and employees. We recommend working with IT experts, like Loffler, to make sure your data is protected from breaches and compromised credentials. Our IT Solutions Group will help you navigate your IT needs with industry experience and tailored solutions.
Read Next: Multi-Factor Authentication: Four Reasons Why Now is the Time
