Risk & Repeat: Colonial Pipeline CEO grilled by Congress
Colonial Pipeline Co. CEO Joseph Blount faced criticism from several members of Congress this week during two different hearings on the recent ransomware attack.
This week's Risk & Repeat podcast looks at Colonial Pipeline CEO Joseph Blount's statements before two different congressional hearings this week regarding the recent ransomware attack that shook the pipeline company.
Blount appeared before the Senate Committee on Homeland Security and Governmental Affairs on Tuesday, and the House Committee on Homeland Security on Wednesday, alongside Charles Carmakal, senior vice president and CTO at Mandiant. Blount discussed his company's response to the attack and explained why he, ultimately, made the decision to pay a $4.4 million ransom to DarkSide threat actors. He and Carmakal also shed light on how threat actors gained initial access to the Colonial Pipeline network through an exposed password for a VPN account.
Blount faced more pressure from legislators during Wednesday's House Committee hearing, who questioned the Colonial Pipeline CEO about his decision not to contact the U.S. Cybersecurity and Infrastructure Security Agency for assistance and the postponement of a Transportation Security Administration review. In this episode, SearchSecurity editors Rob Wright and Alex Culafi discuss what we learned during the hearings, how Blount performed under pressure and if the criticism of his decisions is fair.