A Cyberattack Has Shut Down the Largest U.S. Fuel Pipeline
Ransomware attacks are nothing new, though this one carried out by a private group of cybercriminals went farther than any military or intelligence agency hackers ever have.
Colonial Pipe Co., operator of a 5,500-mile pipeline that supplies 45% of the gasoline and jet fuel delivered to the East Coast, announced Saturday that it had been the victim of a ransomware attack. To contain the threat, the company took “certain systems offline,” which has temporarily stopped pipeline operations.
Ransomware attacks typically involve hackers blocking access to computer systems until a sum of money (typically requested in Bitcoin) is paid, literally taking the contents of the device or system hostage and demanding a ransom.
Who’s behind it?
On Monday, the FBI confirmed that DarkSide ransomware software was used in the attack. DarkSide, like many other ransomware software, avoids encrypting (i.e., taking hostage) computer systems with the language set to Russian, leading many to speculate Russia is involved in the attack. President Biden said there is currently no evidence that Russia is involved, though he believes the group does live in the country.
Why this is big:
Aside from the whole crippling of a vital fuel supply, this ransomware attack targeted something military and intelligence agencies around the world never have: another country’s energy infrastructure. Experts in the cybersecurity industry aren’t surprised, however, they’ve been warning of this possibility for years.