A ransomware attack against Colonial Pipeline's networks prompted them USA to declare 17 states in a state of emergency.
The news comes as the The US Federal Bureau of Investigation (FBI) has confirmed that ransomware attack is responsible for shutting down one of the country's largest pipelines over the weekend. The attack forced the Colonial Pipelien company to close the 8.800-kilometer fuel pipeline that starts in the city of Houston, Texas and ends in the port of New York. Of course, there was panic but also concerns about the vulnerability of US energy infrastructure to cyber attacks.
The States and jurisdictions affected Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, Mississippi, NY New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
The issue is serious as these states may run out of minerals fuel κάθε είδους, και να προκληθούν προβλήματα σε αερομεταφορές, κίνηση οχημάτων κλπ. Το βάρος του εφοδιασμού της market they are trying to cover it with tankers.
The Colonial Pipeline continues to work on cooperation with cyber experts, law enforcement, and other federal agencies, to restore pipeline operations quickly and safely. The US government said on Monday that there is no evidence to suggest that Russia was involved in the ransomware attack.
The blackmailers, on the other hand, are a group called Darkside, and its leaders left a message saying: "We are apolitical, we do not participate in geopolitics, you do not need to associate us with a specific government and look for other motives. Our goal is to make money and not create problems in society. ”
Darkside is a relatively new player in the ransomware game. However, it already has a good reputation in analyst circles as a professional and organized team. The team has a telephone number and a help desk to facilitate negotiations with its victims !!. They also seem to put a lot of effort into gathering information about their victims, not just technical information about their environment, but general information about the company itself, such as the size and estimated revenue of the organization.
DarkSide's motive is to issue corporate-style press releases to Tor to showcase professionalism in its criminal activities.
The Colonial Pipeline incident is the latest cyber attack on the US government in recent months, following the SolarWinds violations by rather Russian agents and the exploitation of Microsoft Exchange vulnerabilities Server & Hosting by Chinese people.