Ian Patrick, FISM News
A cyberattack rocked an energy company on May 7, and U.S. citizens residing along the Eastern seaboard may be in for a rocky few days.
The top U.S. fuel pipeline operator known as Colonial Pipeline announced on May 9 that it was the victim of a ransomware attack a few days earlier, prompting its state-spanning pipeline to shut down while the company deals with the attack. The pipeline, which carries roughly 2.5 million barrels of gasoline and other fuels per day, runs from the Gulf Coast in Texas all the way to Virginia and New Jersey.
Colonial Pipeline stated that there are multiple investigations into the effort, including some from the federal government.
Leading, third-party cybersecurity experts were also immediately engaged after discovering the issue and launched an investigation into the nature and scope of this incident. We have remained in contact with law enforcement and other federal agencies, including the Department of Energy who is leading the Federal Government response.
The federal investigation has so far revealed that the hackers could be from a cybercriminal organization known as DarkSide. Made up of veteran criminal hackers, the organization tries to act like a modern Robin Hood by selectively choosing bigger, richer companies and meticulously scouting them before initiating a hack. They try to squeeze as much money from their targets as possible, and even once gave some money from their ransoms to charities, although the charities ultimately denied the donations due to their criminal origins.
Ransomware itself is a type of hack that encrypts the files from a targeted computer or system. The actor then asks for a payment from the victim in order to receive their files back, usually in the form of a digital currency such as bitcoin.
Although the shutdown is still in effect, Colonial said that they began restarting certain smaller pipelines to try and mitigate the absence of fuel in certain areas. The main line still remains shut. The Department of Transportation also announced that their Federal Motor Carrier Safety Administration will be aiding Colonial at the time.
FMCSA is issuing a temporary hours of service exemption that applies to those transporting gasoline, diesel, jet fuel and other refined petroleum products to Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
DarkSide reportedly responded to Colonial’s statement, but in a very indirect way. Reuters reports that their website, located somewhere in the dark web, featured a release focused on “the latest news” stating “our goal is to make money, and not creating problems for society.”