ADarkWeb

Pipeline hack US Blames Criminal Group in Colonial Pipeline Hack

Gas prices

Pipeline hack US Blames Criminal Group in Colonial Pipeline Hack

F.B.I. Identifies Group Behind U.S. Oil Pipeline Hack Mon, 10 May 2021 10:00:00 -0700-DarkSide, a ransomware organization that researchers say is likely based in Eastern Europe, says it has no connection to foreign governments. The hack has …

U.S. Blames Criminal Group in Colonial Pipeline Hack

Photo: jim watson/Agence France-Presse/Getty Images

A criminal gang believed to be based in Eastern Europe was involved in the hack that has led to the shutdown of the main pipeline supplying gasoline and diesel fuel to the U.S. East Coast, U.S. officials said Monday, as President Biden and others decried the ransomware attack that was used as a growing global problem.

The organization, known as DarkSide, is a relatively new hacking group that Western security researchers say is likely based in Eastern Europe, possibly in Russia. The organization created the malicious computer code that resulted in the shutdown, officials said.

“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks,” an Federal Bureau of Investigation spokesman said Monday. “We continue to work with the company and our government partners on the investigation.”

The hack of Colonial Pipeline Co., disclosed over the weekend, has prompted intense concern among senior U.S. officials within the Biden administration, many of whom have already viewed ransomware as a digital blight capable of jeopardizing national and economic security. Ransomware is a practice hackers use to lock up computer systems and demand a payment from victims for their release.

Speaking briefly Monday, Mr. Biden said ransomware was a growing problem in need of a global response and said more investment in critical infrastructure was necessary to safeguard critical systems from debilitating cyberattacks.


قراءة المزيد

U.S. Blames Criminal Group in Colonial Pipeline Hack Mon, 10 May 2021 10:00:00 -0700-The F.B.I. on Monday said that DarkSide, a hacking group, was responsible for the ransomware attack that closed a U.S. pipeline.

F.B.I. confirms group behind the hack of a top U.S. pipeline.

May 10, 2021

The F.B.I. confirmed on Monday that DarkSide, a hacking group, was responsible for the ransomware attack that closed a U.S. pipeline that provides the East Coast with nearly half of its gasoline and jet fuel.

The Biden administration is expected to announce an executive order in the coming days to strengthen America’s cyberdefense infrastructure.

President Biden said on Monday that the government had mitigated any impact the pipeline hack, which prompted emergency White House meetings over the weekend, might have had on the U.S. fuel supply. He added that his administration had efforts underway to “disrupt and prosecute ransomware criminals.”

Colonial Pipeline, the operator of the system, issued a statement saying that restoring service “takes time.” It added that while the situation was “fluid and continues to evolve,” the company would restore service incrementally, with the goal of “substantially” restoring service by the end of the week.

Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said Monday afternoon that the government believed DarkSide was “a criminal actor” but was looking for any ties the group might have to nation-states.

She added that Colonial had not sought cyber support from the government, and said she could not confirm if the company, a private corporation, had paid any ransom.

Mr. Biden also said on Monday that, so far, there was no evidence from U.S. intelligence officials that Russia was involved, but he added: “There is evidence that the actors’ ransomware is in Russia. They have some responsibility to deal with this.”

Colonial’s pipeline transports 2.5 million barrels each day, taking refined gasoline, diesel fuel and jet fuel from the Gulf Coast up to New York Harbor and New York’s major airports. Most of that goes into large storage tanks, and with energy use depressed by the coronavirus pandemic, the attack was unlikely to cause any immediate disruptions.

Late Friday, Colonial said in a vaguely worded statement that it had shut down its 5,500 miles of pipeline, which it said carried 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach. Earlier in the day, there had been disruptions along the pipeline, but it was not clear at the time whether that was a direct result of the attack or of the company’s moves to proactively halt it.

Continue reading the main story

The F.B.I. confirmed on Monday that DarkSide, a hacking group, was responsible for the ransomware attack that closed a U.S. pipeline that provides the East Coast with nearly half of its gasoline and jet fuel.

The Biden administration is expected to announce an executive order in the coming days to strengthen America’s cyberdefense infrastructure.

President Biden said on Monday that the government had mitigated any impact the pipeline hack, which prompted emergency White House meetings over the weekend, might have had on the U.S. fuel supply. He added that his administration had efforts underway to “disrupt and prosecute ransomware criminals.”

Colonial Pipeline, the operator of the system, issued a statement saying that restoring service “takes time.” It added that while the situation was “fluid and continues to evolve,” the company would restore service incrementally, with the goal of “substantially” restoring service by the end of the week.

Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said Monday afternoon that the government believed DarkSide was “a criminal actor” but was looking for any ties the group might have to nation-states.

She added that Colonial had not sought cyber support from the government, and said she could not confirm if the company, a private corporation, had paid any ransom.

Mr. Biden also said on Monday that, so far, there was no evidence from U.S. intelligence officials that Russia was involved, but he added: “There is evidence that the actors’ ransomware is in Russia. They have some responsibility to deal with this.”

Colonial’s pipeline transports 2.5 million barrels each day, taking refined gasoline, diesel fuel and jet fuel from the Gulf Coast up to New York Harbor and New York’s major airports. Most of that goes into large storage tanks, and with energy use depressed by the coronavirus pandemic, the attack was unlikely to cause any immediate disruptions.

Late Friday, Colonial said in a vaguely worded statement that it had shut down its 5,500 miles of pipeline, which it said carried 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach. Earlier in the day, there had been disruptions along the pipeline, but it was not clear at the time whether that was a direct result of the attack or of the company’s moves to proactively halt it.


قراءة المزيد

– May 10, 2021
Gas prices