Colonial CEO Defends Hack Response and Offers Lessons Learned

/in


(Bloomberg) — The chief executive officer of the pipeline company hit by a ransomware attack last month apologized to a U.S. Senate panel for the incident that paralyzed the East Coast’s flow of gasoline, diesel and jet fuel, while defending his company’s response and offering tips for future hacking victims.

“We are deeply sorry for the impact that this attack had, but are also heartened by the resilience of our country and of our company,” Colonial Pipeline Co. CEO Joseph Blount Jr. said at Tuesday’s hearing.

Blount’s appearance before the Senate Homeland Security and Governmental Affairs Committee comes as Congress readies its response to the hack, which affected 45% of the East Coast’s fuel supply, driving up gasoline prices and sparking shortages at filling stations after the company shut the roughly 5,500-mile pipeline on May 7.

The senators’ questions for Blount were direct but relatively gentle. Blount was contrite — and sometimes vague — on some details about the company’s cybersecurity protections. When asked about Colonial’s cybersecurity budget, for instance, he said they had spent $200 million on information technology over five years without specifying how much was defending against hacks.

Blount said responding quickly to contain the threat and swiftly communicating with the government were among the most important lessons he learned from the incident.

The hackers, who the FBI said have been linked to a group known as DarkSide operating in Russia, were able to breach the company’s computer system April 29 using a virtual private network — or VPN — account, an encrypted internet connection that allowed employees to remotely access the company’s computer network. Blount testified that the VPN account only had single-factor authentication.

The “legacy” network “was not intended to be in use,” said Blount, who took over as Colonial CEO in 2017. He added that the company is still trying to determine how the hackers gained the needed credentials to exploit it.

Senator Rob Portman, a Republican from Ohio and the ranking member on the committee, called out this failure. “Mr. Blount you’re a victim, and we understand that,”…

Source…