Cyber criminal gang DarkSide executed a ransomware attack against the US, shutting down its largest oil pipeline and triggering a state of emergency.
Operators of the United States’ largest oil pipeline fell victim to a ransomware attack over the weekend, which shut down the company’s primary oil-transporting pipelines and sparked a fuel crisis across the east coast.
According to the BBC, Colonial Pipelines transports some 45 per cent of the diesel, jet fuel and petrol on the east coast of the US, amounting to an estimated 2.5 million barrels of oil a day.
The FBI announced on Monday that the culprit of the attack was the cyber criminal gang DarkSide, which used its DarkSide ransomware to execute the attack.
“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation,” the FBI published on its website.
President Joe Biden confirmed that he is currently receiving daily security briefings following the incident, which has raised major questions about the US’ national resilience in energy and fuel security. The President outlined that the US will strengthen the security systems of the nation's primary industries.
“So to jumpstart greater private-sector investment in cyber security, we launched a new public-private initiative in April. It begins with a 100-day sprint to improve cyber security in the electric sector, and we’ll follow that with similar initiatives in natural gas pipelines, water and other sectors. In addition to companies stepping up, we need to invest to safeguard our critical infrastructure,” President Biden said.
"I'm going to be meeting with President Putin, and so far there's no evidence from our intelligence people that Russia is involved," President Biden responded to a reporter. "Although, there's evidence that the actors' ransomware is in Russia, they have some responsibility to deal with this."
After a state of emergency was declared following the attack, the Department of Transportation outlined, “This declaration addresses the emergency conditions creating a need for immediate transportation of gasoline, diesel, jet fuel and other refined petroleum products and provides necessary relief.”
Cyber criminal gang DarkSide, however, waved away speculation that the attack was politically motivated.
"We do not participate in geopolitics, do not need to tie us with a defined government," DarkSide said.
According to the BBC, a message on the cyber gang’s website on the dark web reads, “Our goal is to make money and not creating problems for society.”
The hack on Colonial Pipelines follows the same formula that was recently used with the hack on Telstra provider Schepisi Communications, who gained access to tens of thousands of business SIM cards.
The methodology involves cyber criminals encrypting pockets of valuable data and processes, then demanding payment from the breached company in exchange for access to the decryption tool and for averting a data leak.
More to follow.
Editor – Defence and Security, Momentum Media