Russian criminal group suspected in Colonial pipeline ransomware attack
Category: News & Politics
Via: perrie-halpern • 3 years ago • 42 commentsBy: Ken Dilanian and Kelly O'Donnell
S E E D E D C O N T E N T
WASHINGTON — A Russian criminal group may be responsible for a ransomware attack that shut down a major U.S. fuel pipeline, two sources familiar with the matter said Sunday.
The group, known as DarkSide, is relatively new, but it has a sophisticated approach to the business of extortion, the sources said.
Commerce Secretary Gina Raimondo said Sunday that the White House was working to help Colonial Pipeline, the Georgia-based company that operates the pipeline, to restart its 5,500-mile network.
The system, which runs from Texas to New Jersey, transports 45 percent of the East Coast's fuel supply. In a statement Sunday, the company said that some smaller lateral lines were operational but that the main lines remained down.
"We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations," the company said.
Raimondo said on CBS' "Face the Nation" that the effort to restart the network was "an all-hands-on-deck effort right now."
"We are working closely with the company, state and local officials to make sure that they get back up to normal operations as quickly as possible and there aren't disruptions in supply," she said, adding: "Unfortunately, these sorts of attacks are becoming more frequent. They're here to stay."
A White House official said Sunday that the Energy Department is leading the government's response. Agencies are planning for a number of scenarios in which the region's fuel supply takes a hit, the official said.
On Saturday, Colonial Pipeline blamed the cyberattack on ransomware and said some of its information technology systems were affected. It said it "proactively" took "certain systems offline to contain the threat."
The company has not said what was demanded or who made the demand.
Although Russian hackers often freelance for the Kremlin, early indications suggest that this was a criminal scheme — not an attack by a nation-state — the sources said.
But the fact that Colonial had to shut down the country's largest gasoline pipeline underscores just how vulnerable the U.S. cyber infrastructure is to criminals and national adversaries, such as Russia, China and Iran, experts say.
"This could be the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe," said Andrew Rubin, CEO and co-founder of Illumio, a cybersecurity company.
"It's an absolute nightmare, and it's a recurring nightmare," he said. "Organizations continue to rely and invest entirely on detection, as if they can stop all breaches from happening. But this approach misses attacks over and over again. Before the next inevitable breach, the president and Congress need to take action on our broken security model."
If the culprit turns out to be a Russian criminal group, it will underscore that Russia gives free rein to criminal hackers who target the West, said Dmitri Alperovitch, a co-founder of the cyber company CrowdStrike who is executive chairman of the Silverado Policy Accelerator, a think tank.
"Whether they work for the state or not is increasingly irrelevant, given Russia's obvious policy of harboring and tolerating cybercrime," he said.
According to a top Reuters cybersecurity reporter, DarkSide has its own website on the dark web that features an array of leaked data from victims who it claims failed to pay ransom. It claims that the group has made millions from cyber extortion.
Ken Dilanian
Ken Dilanian is a correspondent covering intelligence and national security for the NBC News Investigative Unit.
Tim Stelloh and The Associated Press contributed.
Tags
Who is online
455 visitors
A preview of a cyber war with a major power.
Said group could very well be attached to or paid by the GRU.
I hope that President Biden treats Putin like he did Corn Pop!
McConnell has blocked every cybersecurity bill for the last 12 years.
Not true
Yea, it kinda is...
The Senate majority has blocked three bi-partisan election security bills, overriding concerns of the intelligence community and the bills’ sponsors that foreign interference in the upcoming presidential elections has already begun and will escalate.
Senate GOP blocks three election security bills
Cybersecurity Bill Is Blocked in Senate by G.O.P. Filibuster
What are the odds that Trump will rip Putin a new one for the attack?
Zero.
But he talked to putin and putin told him he didn't do it....
Yep... and of course trump will believe Putin over any American or American agency.
Trump is no longer President. Why should he rip Putin for anything?
That is Biden's job now. Unfortunately he sucks at it.
It's amazing how much real estate Trump occupies in some people's heads.
Admitting that you have a problem is the first step to solving it. Good luck with the next steps of your self-healing endeavors.
Trump has never been shy about ripping people. He does it virtually every day of his life. Why would Putin be a sacred cow in Trump's eyes?
Hasn't stopped him from running his cocksucker now then has it?
Tell me about it, Hannity was on a rant about Hillary the other day..
Ya know what? You're right, Putin is the one world leader trump never once had anything bad to say about. Thanks for pointing that out.
[Deleted]
Will you admit that Biden won fairly? Or are you going to continue to perpetuate the Big Lie?
Why are Democrats screeching about Trump not saying anything to begin with?
This is Biden's problem, not Trump's.
Funny how many bitched with every single word Trump uttered, and now they are bitching because he didn't say anything.
Weird shit right there, dude.
Ok, we can ALL pretend that if Trump said one word, the cultists on the left would be fine about him interfering with the Great Biden Administration.
Trump has in fact said more than one word in his life. Are you suggesting that trump has only said one word in his lifetime?
personally, I know of no one who would be dumb enough to believe that or say that.
Thank God, as I can't stomach fools.
Context, man, context--learn it.
Well, as you have pointed out, accuracy when speaking is important.
So is reading comprehension and context.
And I do stand corrected from my earlier post, I do "know' one person who fits the bill.
Do you know how many hackers there are in the world? Add them up and multiply by the number of countries, organizations, and groups out there with a beef against the US, pollution, or are just in it for the money.
Chances are it was the Russians. They are just making sure it was before jumping off the deep end (Seems the media already has). What is there left that we can do against Russia since sanctions and travel bans against their oligarchs have no affect?
It has positively been done by a group of Russians. They have crippled the fuel needs on the east coast yet claim it was only to make money, not hurt anyone. I hope these aholes are rounded up and put away forever.
I hope so, too, but I imagine that they'll be commended by Putin, instead.
At this point, it seems to me that the biggest trouble makers in the world are the Russians. They produce nothing but mischief and angst. Everyone is fixated on China, but they are not the garbage that Russia is.
There are a bunch of cyber threats out there. China, North Korea, Iran, Israel.... The Russian/Russian trained hackers are the best at it. (Or worse depending on how you look at it).
The US has the same capability. I wouldn't want to be on the receiving end of what our hackers can do.
The name of the group is Dark Side.
I beg to disagree. China gave the world covid and doesn't even care if a returning rocket hits population centers. They took advantage of trade deals to take our manufacturing jobs and steal our technology. Democrats love them and we know why. However, let me address your concern about Russia. For four years democrats have beat their breasts over "Russia/Russia", now Joe Biden is president - What is he going to do about it ?
I'm curious, whose bright idea was it to have the one company in control of all of that resource. American industry/government seems to have gotten way from implementing redundancy in their systems. Now the rest of the country has to pay rising gas prices because a company was granted a monopoly over the pipeline and then didn't secure it properly?
No one would have been able to guess that one little cyberattack would shut down the east coast...(/sarc)
Apparently, everybody in the whole damn state of Virginia is out panic buying gasoline. Hurray
This pipeline has been here before the were computers like we have now, how did they make it work back then?
They actually are operating it manually, I read somewhere. Not at its usual capacity, but enough to supply us if everybody would just use their heads.
People are filling plastic grocery bags with gasoline, and now I'm not sure our species deserves to exist.
If you watch the whole video the first bag springs a leak so she puts the leaky one inside of another plastic bag and then puts it in the trunk with bags of food and closes the truck.
This woman is beyond brain dead and a sure winner of the Darwin Award.
I saw. Can you imagine what the inside of her car smells like? I hope she doesn't smoke.
Some people should not be let out unsupervised
I'm honestly not sure how she's lived this long.
The Colonial PIpeline is back in operation as of 5pm today.