When Colonial Pipeline Co. was breached on April 29, the ramifications were wide-spread, causing fuel shortages across the East Coast and raising alarm bells for cybersecurity professionals. The root cause of the ransomware attack was a compromised password that has since been discovered within a list of leaked passwords on the dark web.

The cause of the attack should come as no surprise when considering that 81 percent of data breaches begin with a compromised password. In the weeks since the attack, much of the analysis has been centered around IT/OT security shortcomings and whether these vulnerabilities are indicative of a large industry-wide problem within critical infrastructure sectors. While this is important to examine, what is being overlooked is how much more difficult this attack would have been to carry out with enforceable breached password protection in place.

Read more at – How poor password hygiene crippled Colonial Pipeline