Three Simple and Effective Safety Measures to Protect Your Business Against a Cyber Attack

This past spring, hackers were able to halt the operations of the largest fuel pipeline in the US, with a single compromised password. These types of attacks are happening everyday and businesses of all sizes can be targets. Here are three simple measures that your business can take to prevent attacks like the one that shut down Colonial Pipeline.
Categories: Business Insurance
Nov 16th, 2021 | By: CapriCMW

This past spring, hackers were able to halt the operations of Colonial Pipeline, the largest fuel pipeline in the United States, with a single compromised password. It was one of many leaked passwords in a batch sold on the dark web and had previously been used by an employee to access Colonial Pipeline's virtual private network. Although the account was no longer active, the password still worked. The breach led to Colonial Pipeline shutting down its entire gas pipeline system, resulting in a mass gas shortage and panic buying among consumers. Gas prices spiked dramatically along the East Coast at this time. To get its system back online, Colonial Pipeline Co. paid a ransom of nearly $5 million in bitcoin.

This is just one example of the numerous ransomware attacks on businesses that are happening everyday. An Emsisoft study released earlier this year estimated that there were over 3,000 ransomware attacks on Canadian organizations in 2020 with ransom demands ranging from US $123,697,351 to $494,789,403. These numbers do not include the losses arising from business downtime and additional costs of restoring data and systems. 

Cyber attacks are increasing at an alarming rate and the methods used are growing in sophistication. However, many Canadian businesses are still not investing in leveling up their cybersecurity and cyber insurance.

Here are three simple measures that businesses can take to help prevent attacks like the one that shut down Colonial Pipeline:  


The complexity of the password will not make a difference if it is being used on multiple websites that can be compromised. As with the Colonial Pipeline incident, hackers can buy stolen passwords online in batches and use them to gain access to company networks and systems. Instruct your staff to avoid using the same passwords on multiple websites.


When an employee leaves, delete all of their accounts, including older ones from systems no longer in use. In the case of Colonial Pipeline, although the compromised account was no longer in use, the username and password still allowed access to the company's network. 


Two-factor authentication is a commonly used security feature, which involves each employee using a username and password, as well as a secondary measure such as entering a code that is texted to their mobile device. While MFA can still be breached, it serves as another layer of protection against hackers attempting to exploit unprotected passwords. 

Contact a CapriCMW Risk Advisor to discuss your options for cyber insurance and other risk management tools and strategies to protect your business. 

 This content is powered by the Canadian Broker Network.


CapriCMW is a proud member of the Canadian Broker Network (CBN), an alliance of Canada’s leading independent insurance brokerages representing over 50 offices, 1,500 professionals and over $1 billion in premiums. Learn more at

Recent Blog Posts

Business Insurance / Construction, Real Estate, mass timber, sustainable housing
BC Proposes Building Code Changes to Allow 18-Storey Mass Timber Buildings

The provincial government has proposed changes to the British Columbia Building and Fire Codes (BC…

Dec 27th, 2023 | By: CapriCMW
Business Insurance / Small Business, SME, commercial property
Applications Open for BC's Securing Small Business Rebate Program

As of November 22, 2023, small businesses in BC can apply for a new provincial rebate to help them…

Dec 12th, 2023 | By: CapriCMW
Employee Benefits / employment law, employee benefts, pay transparency, pay equity
New Pay Disclosure Requirements Now in Effect for BC Employers

As of November 1, 2023, employers are required to include wage or salary ranges in job postings open…

Nov 16th, 2023 | By: CapriCMW
Search the Blog

Confidence and Freedom

At CapriCMW, we provide personalized insurance and custom risk solutions to give you the confidence and freedom to focus on what matters to you. Talk to an Advisor or get a quote today.

Get a Quote    Or call 1-800-670-1877

Can’t find what you are looking for? Ask us!