An ransomware attack on Colonial Pipeline networks prompted the United States to declare 17 states a state of emergency.
The news comes as the The US Federal Bureau of Investigation (FBI) has confirmed that ransomware attack is responsible for shutting down one of the country's largest pipelines over the weekend. The attack forced the Colonial Pipelien company to close the 8.800-kilometer fuel pipeline that starts in the city of Houston, Texas and ends in the port of New York. Of course, there was panic but also concerns about the vulnerability of US energy infrastructure to cyber attacks.
The States and jurisdictions affected Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, Mississippi, NY New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
The issue is serious as these states are likely to run out of fossil fuels of all kinds, and cause problems in aviation, vehicle traffic, etc. They try to cover the burden of market supply with tankers.
Colonial Pipeline continues to work in partnership with cyber experts, law enforcement, and other federal services, to restore pipeline operations quickly and safely. The US government said on Monday that there is no evidence to suggest that Russia was involved in the ransomware attack.
On the other hand, blackmailers are one team which is titled as Darkside and its administrators left a message saying the following: “We are apolitical, we do not participate in geopolitics, you do not need to associate us with a specific government and look for other motives. Our goal is to make money and not create problems in society.”
Darkside is a relatively new player in the ransomware game. However, it already has a good reputation in analyst circles as a professional and organized team. The team has a telephone number and a help desk to facilitate negotiations with its victims !!. They also seem to put a lot of effort into gathering information about their victims, not just technical information about their environment, but general information about the company itself, such as the size and estimated revenue of the organization.
The motif of DarkSide is to issue corporate-style press releases on Tor to give a professional window to its criminal activities.
The Colonial Pipeline incident is the latest cyber attack on the US government in recent months, following the SolarWinds violations by rather Russian agents and the exploitation of Microsoft vulnerabilities Exchange Server by Chinese people.
