A ransomware group with a social conscience may be behind the attack
A cyberattack has forced the shutdown of a major gas pipeline in the U.S. The target, Colonial Pipeline, supplies 45% of the fuels to the East Coast of the U.S.
The attack against Colonial Pipeline began Friday night, according to a Federal Emergency Management Agency.
“We proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems,” the company said in a statement.
“Maintaining the operational security of our pipeline, in addition to safely bringing our systems back online, remain our highest priorities,” they added.
Colonial Pipeline said in an update Saturday the attack involved ransomware. “Leading, third-party cybersecurity experts were also immediately engaged after discovering the issue,” they said. These experts have launched an investigation into the nature and scope of this incident, they added.
“We have remained in contact with law enforcement and other federal agencies,” the company said. This includes the Department of Energy, which is leading the Federal Government response.
The DarkSide Group may be responsible
Reuters has reported that the attack may have involved the DarkSide ransomware group. That group and related ransomware first emerged in August. At that time they were linked to the GandCrab and Sodinokibi groups at the time.
In previous attacks, the group typically demanded a ransom payment of between $200,000 and $2 million.
DarkSide became infamous last October when they started making charitable donations using funds they had extorted from various businesses. The group have also said that they would not attack hospitals, schools, universities, nonprofits and the government sector.
Colonial’s network supplies fuel from U.S. refiners on the Gulf Coast to the eastern and southern United States. It transports 2.5 million barrels a day of gasoline, diesel, jet fuel and other products through 5,500 miles of pipelines.
“We appreciate the patience and outpouring of support we have received from others throughout the industry.”
56 minutes ago
