An ransomware attack on Colonial Pipeline networks prompted the United States to declare 17 states a state of emergency.
The news comes as the The US Federal Bureau of Investigation (FBI) has confirmed that ransomware attack is responsible for shutting down one of the country's largest pipelines over the weekend. The attack forced her company Colonial Pipelien to close the 8.800 km long fuel pipeline that starts in the city of Houston, Texas and ends in the port of New York. Of course, there was panic, but also concerns about the vulnerability of the American energy infrastructure to cyberattacks.
The States and jurisdictions affected Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, Mississippi, NY New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
The issue is serious as these states are likely to run out of fossil fuels of all kinds, and cause problems in aviation, vehicle traffic, etc. They try to cover the burden of market supply with tankers.
Colonial Pipeline continues to work in partnership with cyber experts, law enforcement, and other federal agencies to restore pipeline operations quickly and safely. better safety. The US government said on Monday that there is no evidence to suggest that Russia was involved in the ransomware attack.
On the other hand the extortionists are a group titled as Darkside and its administrators left a message saying the following: “We are apolitical, we don't participate in geopolitics, you don't need to associate us with a specific government and look for other motives. Our goal is to make money and not create problems in society.”
Darkside is a relatively new player in the ransomware game. However, it already has a good reputation in analyst circles as a professional and organized team. The team has a telephone number and a help desk to facilitate negotiations with its victims !!. They also seem to put a lot of effort into gathering information about their victims, not just technical information about their environment, but general information about the company itself, such as the size and estimated revenue of the organization.
DarkSide's motive is to issue corporate-style press releases to Tor to showcase professionalism in its criminal activities.
The Colonial Pipeline incident is the latest cyber attack on the US government in recent months, following the SolarWinds violations by rather Russian agents and the exploitation of Microsoft vulnerabilities Exchange Chinese server.
