A ransomware attack against Colonial Pipeline networks prompted the US to declare a state of emergency in 17 states need.
The news comes as the The US Federal Bureau of Investigation (FBI) has confirmed that A ransomware attack is responsible for shutting down one of the country's largest pipelines over the weekend. The attack forced Colonial Pipelien to shut down the 8.800-kilometer fuel pipeline that runs from the city of Houston, Texas, to the port of New York. Of course there was panic, but also concerns about the cyber vulnerability of the US energy infrastructureattacks.
The States and jurisdictions affected Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, Mississippi, NY New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
The issue is serious as these states are likely to run out of fossil fuels of all kinds, and cause problems in air transport, movement vehicles etc. They try to cover the burden of supplying the market with tankers.
Colonial Pipeline continues to work in partnership with cyber experts, law enforcement, and other federal agencies to restore pipeline operations quickly and safely. THE government The United States said Monday that there was no evidence that Russia was involved in the ransomware attack.
The blackmailers, on the other hand, are a group called Darkside, and its leaders left a message saying: "We are apolitical, we do not participate in geopolitics, you do not need to associate us with a specific government and look for other motives. Our goal is to make money and not create problems in society. ”
The Darkside team is a relatively new player in the ransomware game. Nevertheless, it already has quite a reputation in analyst circles as a professional and organized team. The group has a telephone number and a help desk to facilitate negotiations with its victims!!. They also seem to put a lot of effort into gathering information on their victims, not just techniques information about their environment, but more general information about the company itself, such as the size and estimated revenue of the organization.
DarkSide's motive is to issue corporate-style press releases to Tor to showcase professionalism in its criminal activities.
The Colonial Pipeline incident is the latest cyber attack on the US government in recent months, following the SolarWinds violations by rather Russian agents and the exploitation of Microsoft Exchange Server vulnerabilities by the Chinese.
