Ransomware has encrypted all the servers of Colonial Pipeline, the largest U.S. fuel company, the source of nearly half of the U.S. East Coast’s fuel supply. The incident is one of the most damaging hacking operations ever reported. A prolonged shutdown of the line will cause gasoline prices to spike before the peak summer season, which could hit the U.S. economy. Colonial transports 2.5 million barrels of gasoline and other fuels a day through 5,500 miles (8,850 km) of pipelines connecting Gulf Coast refineries to the eastern and southern United States. It also serves some of the nation’s largest airports, including Atlanta’s Hartsfield Jackson Airport, which is the world’s busiest in terms of passenger traffic. According to investigators, the extortionists are a group called DarkSide, which is known for using ransomware while avoiding targets in post-Soviet states. A White House spokesman said President Joe Biden was briefed on the incident Saturday morning, adding that the government is trying to help the company restore operations and prevent disruptions in supply. […]
Prices have already begun to rise, adding 2-3% (https://www.bbc.com/news/business-57050690). Experts say the consequences will be much worse if this continues. Demand, especially for automotive fuel, is rising as consumers return to the roads and the U.S. economy tries to shake off the effects of the pandemic. DarkSide, which infiltrated Colonial’s network and shut down oil pipelines, has taken nearly 100GB of data hostage. The hackers are demanding a ransom for it no later than Friday. If it is not paid, they threaten to put all the data online. Colonial said it is working with law enforcement, cybersecurity experts and the Department of Energy and is “in the process of restoring service.” Digital Shadows, a London-based cybersecurity firm, claimed the Colonial Pipeline cyberattack stemmed from the coronavirus pandemic, specifically an increase in engineers accessing pipeline control systems remotely from home. DarkSide was able to obtain account login information related to remote desktop software, such as TeamViewer and Microsoft Remote Desktop. The login points were found using the Shodan search engine (https://www.shodan.io/).
DarkSide apologized to the people of America.
The DarkSide hacker group accused of a ransomware attack on the Colonial oil pipeline said on its darknet site that “they regret that they caused problems for the community, they didn’t mean it.” In their statement, the hackers claim (https://www.ft.com/content/0afb53f0-f382-442a-9a32-02824ce8bb70) that they are apolitical and also try to shift the blame for the attack to “partners” who used its ransomware technology.
DarkSide became one of the leading ransomware companies last August and is believed by the FBI to be run from Russia by an experienced team of online criminals. The group has rented its services to darknet ransomware programs and is already so rich that it runs its own “press office.” Previously, they even gave an email interview to the security blog DataBreaches (https://www.databreaches.net/a-chat-with-darkside/) in which they reported that it was all just business:
“Our goal is to make money, not create problems for society,” DarkSide said, adding that it “will vet every company that our partners want to encrypt to avoid social consequences in the future.” Some of the extorted money will also begin to be donated to charity.