On the 29th of April 2021, a group of hackers from Eastern Europe secretly gained access to Colonial Pipes Company’s networks. Eight days later, on the 7th of May 2021, Colonial’s largest pipeline in the US went down. This incident led to an emergency declaration, fuel shortages, and in some cases, price hikes along the East Coast.
How did they do it?
The pipeline went down due to ransomware wreaking havoc on computers managing the pipeline. $4.4 million later, the company received the keys to unlock their files, only to discover the network was operating very slowly. On top of this, some 100GB of data was stolen.
When investigators got to work to find out what had happened, the route became apparent. A compromised password and lack of multi-factor authentication made the entire job possible for the hackers to break into the system and take control. Security professionals agree that two-factor authentication (2FA) would have probably stopped the attack right in its tracks had it been implemented.
The case for better WordPress security
Ransomware and other types of attacks are often indiscriminate in whom they target. User credentials are the most sought-after data type by malicious actors. As such, managing this security risk and the security of a WordPress website is one of the most basic and necessary things any administrator should undertake.
As in the Colonial case, two-factor authentication is a solid deterrent that prevents unauthorized access. 2FA is also easy to implement and manage, with plugins like WP 2FA increasing the security of thousands of WordPress websites day in and day out.
However, security is not the only benefit of 2FA, even though it’s a major one. While this alone is a good enough reason to implement 2FA on your WordPress website, having even more benefits to look forward to is always a great thing.
Implementing policies is a critical step towards achieving consistency and longevity. Policies such as security policies can help you ensure that everyone adheres to a set of standards that align with the company’s mission. On the flip side, the introduction of new policies and software must take these policies into account. With 2FA plugins available in all shapes and sizes, finding one that fits current procedures is easy. WP 2FA, in particular, offers a high degree of customization and control over the look, feel, and operations of two-factor authentication on WordPress.
Fewer helpdesk calls
With some 40% of helpdesk calls being password-related, self-service can be a game-changer. It frees up time and resources to take on postponed projects and address other areas that might need attention. WP 2FA offers friendly wizards and backup codes, giving users the tools they need to implement 2FA without assistance.
Mass password leaks happen. It can also be challenging to stop users from using passwords they use somewhere else. This makes it very difficult to ensure adequate protection, even if you have a strong password policy. Implementing 2FA can ensure that the login process is as secure as possible, requiring multiple authentication factors before granting access.
Regulatory requirements such as PCI DSS, GDPR, and others put a lot of emphasis on security, and rightly so. More and more aspects of our lives are becoming digitized, making security increasingly crucial. 2FA can help you comply with regulatory requirements and increase your users’ and customers’ trust in you as you show that you take the security of their information seriously.
Install WP 2FA today and start reaping the benefits
WP 2FA is easy to install and takes mere seconds to configure and deploy. It supports multiple 2FA apps and is multisite compatible. Furthermore, the plugin is flexible enough to give you complete control over how 2FA is introduced and managed, thanks to all the features this 2FA solution for WordPress has.