Log in
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
  1. Homepage
  2. Equities
  3. Brazil
  4. Bolsa de Valores de Sao Paulo
  5. JBS S.A.
  6. News
  7. Summary


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

One password allowed hackers to disrupt Colonial Pipeline, CEO tells senators

06/08/2021 | 05:53pm EDT
Joseph Blount, JR., President and Chief Executive Officer, Colonial Pipeline is sworn in as he attends a hearing to examine threats to critical infrastructure, focusing on examining the Colonial Pipeline cyber attack at the U.S. Capitol

NEW YORK (Reuters) - The head of Colonial Pipeline told U.S. senators on Tuesday that hackers who launched last month's cyber attack against the company and disrupted fuel supplies to the U.S. Southeast were able to get into the system by stealing a single password.

Colonial Pipeline Chief Executive Joseph Blount told a U.S. Senate committee that the attack occurred using a legacy Virtual Private Network (VPN) system that did not have multifactor authentication in place. That means it could be accessed through a password without a second step such as a text message, a common security safeguard in more recent software.

"In the case of this particular legacy VPN, it only had single-factor authentication," Blount said. "It was a complicated password, I want to be clear on that. It was not a Colonial123-type password."

The panel was convened to examine threats to critical U.S. infrastructure and the Colonial attack, which shut key conduits delivering fuel from Gulf Coast refineries to major East Coast markets. Cyberattacks also hit U.S. meatpacking plants owned by JBS, showing the breadth of infrastructure facing cyber threats.

The Colonial Pipeline hack demonstrated that much of the company's infrastructure remains highly vulnerable and the government and companies must work harder to prevent future hacks, senators said during the hearing.

Security experts call the use of a single-factor login system a sign of poor cybersecurity "hygiene." They recommend two-factor authentication, which requires a secondary measure like a mobile text or hardware token, and most major companies require this across all internal applications.

Senators questioned Blount about the company's preparations and the timeline for responding to the ransomware attack, which shut the line for days and led to a spike in gasoline prices, panic buying and localized fuel shortages.

"I'm alarmed this breach ever occurred in the first place," said Senator Gary Peters, the committee's chairman. "Make no mistake: if we do not step up our cyber security readiness, the consequences will be severe."

The FBI attributed the hack to a gang called DarkSide. Some senators suggested Colonial had not sufficiently consulted with the U.S. government before paying the ransom against federal guidelines.

Blount said he made the decision to pay ransom and to keep the payment as confidential as possible because of concern for security.

"It was our understanding that the decision was solely ours to make about whether to pay the ransom," he said.

Blount said Colonial did not have a plan in place to prevent a ransomware attack, but did have an emergency response plan. The company notified the FBI within hours.

Blount said Colonial has invested over $200 million over the last five years in its IT systems. When pressed to answer how much Colonial has spent to keep its pipeline cyber secure, Blount repeated that amount. A company spokesperson later clarified the $200 million was for IT overall, which includes cyber security.

On Friday, U.S. Deputy Attorney General Lisa Monaco urged companies to tell federal authorities whether they paid ransom to cyberattackers, information that can help investigators.

Blount said even after getting the key from the hackers, the company is still recovering from the attack and is bringing back seven finance systems that have been offline since May 7.

On Monday, the Justice Department said it had recovered some $2.3 million in cryptocurrency ransom paid by Colonial Pipeline.

Colonial Pipeline previously had said it paid the hackers nearly $5 million to regain access. The value of the cryptocurrency bitcoin has dropped to below $35,000 in recent weeks after hitting a high of $63,000 in April.

As a result, the government recovered about 60 of the 75 bitcoin paid, but the value has dropped, falling short of the total dollar amount Colonial paid.

Bitcoin seizures are rare, but authorities have stepped up their expertise in tracking the flow of digital money as ransomware has become a growing national security threat and put a further strain on relations between the United States and Russia, where many of the gangs are based.

(Reporting By Stephanie Kelly and Jessica Resnick-Ault, additional reporting from Christopher Bank; Editing by Marguerita Choy and David Gregorio)

By Stephanie Kelly and Jessica Resnick-Ault

© Reuters 2021
Stocks mentioned in the article
ChangeLast1st jan.
BITCOIN - EURO 2.65% 27969.64 Real-time Quote.15.16%
BITCOIN - UNITED STATES DOLLAR 2.57% 33306.12 Real-time Quote.12.30%
JBS S.A. 0.35% 28.27 End-of-day quote.19.48%
US DOLLAR / RUSSIAN ROUBLE (USD/RUB) -0.35% 72.6154 Delayed Quote.-1.01%
All news about JBS S.A.
06/21MARFRIG GLOBAL FOODS S A  : Brazil mulls law to track cattle suppliers to curb d..
06/17Brazil's JBS says Pilgrim's Pride to buy Kerry Meats and Meals in UK
06/17EXPLAINER : How four big companies control the U.S. beef industry
06/15U.S. agriculture chief backs proposed meatpacking investigator
06/14JBS S A  : Conference Call Transcript 1Q21
06/11JBS S A  : McDonald's in South Korea, Taiwan hit by data breach
06/11VIRUS TO VIRUS : pandemic to cyber threat :Mike Dolan
06/11Ransomware Attack Roiled Meat Giant JBS, Then Spilled Over to Farmers and Res..
06/09JBS S A  : Meat company JBS confirms it paid $11M ransom in cyberattack
06/09JBS Paid $11 Million to Resolve Ransomware Attack -- 6th Update
More news
Sales 2021 297 B 59 590 M 59 590 M
Net income 2021 9 463 M 1 899 M 1 899 M
Net Debt 2021 48 103 M 9 652 M 9 652 M
P/E ratio 2021 7,72x
Yield 2021 2,48%
Capitalization 70 464 M 14 065 M 14 139 M
EV / Sales 2021 0,40x
EV / Sales 2022 0,37x
Nbr of Employees 250 000
Free-Float 31,8%
Chart JBS S.A.
Duration : Period :
JBS S.A. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends JBS S.A.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus OUTPERFORM
Number of Analysts 13
Last Close Price 28,27 BRL
Average target price 37,87 BRL
Spread / Average Target 34,0%
EPS Revisions
Managers and Directors
Gilberto Tomazoni Chief Executive & Operating Officer
Guilherme Perboyre Cavalcanti Chief Financial Officer
Jeremiah Alphonsus O'Callaghan Chairman
Eliseo Santiago Perez Fernandez Director-Administration & Control
Cledorvino Belini Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
JBS S.A.19.48%14 065
TYSON FOODS, INC.15.16%26 837
JUEWEI FOOD CO., LTD.-0.25%7 227