NEW: A major U.S. fuel pipeline that was shut down after a ransomware attack may have been struck by a Russian criminal group, two sources familiar with the matter say.
The group, known as DarkSide, is relatively new but has a sophisticated approach to extortion, sources said Sunday.
Commerce Secretary Gina Raimondo said Sunday that the White House was working to help Colonial Pipeline, the Georgia-based company that operates the pipeline, to restart its 5,500-mile network.
The system runs from Texas to New Jersey and transports 45 percent of the East Coast’s fuel supply. According to CNBC, the pipeline remained mostly offline Sunday.
“It’s an all hands on deck effort right now,” Raimondo said on “Face the Nation” on CBS Sunday. “We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply.”
She added, “Unfortunately, these are becoming more frequent. They’re here to stay.”
On Saturday, Colonial Pipeline blamed the cyberattack on and said some of its information technology systems were affected. It added that it “proactively” took “certain systems offline to contain the threat.”
The company has not said what was demanded or who made the demand.
Although Russian hackers often freelance for the Kremlin, early indications suggest this was a criminal scheme — not an attack by a nation state, the sources said.
But the fact that Colonial had to shut down the country’s largest gasoline pipeline underscores just how vulnerable America’s cyber infrastructure is to both criminals and national adversaries, such as Russia, China and Iran, experts say.
“This could be the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe,” said Andrew Rubin, CEO and co-founder of Illumio, a cyber security firm.
“It’s an absolute nightmare, and it’s a recurring nightmare,” he said. “Organizations continue to rely and invest entirely on detection as if they can stop all breaches from happening. But this approach misses attacks over and over again. Before the next inevitable breach, the President and Congress need to take action on our broken security model.”
If the culprit turns out to be a Russian criminal group, it will underscore that Russia gives free rein to criminal hackers who target the West, said Dmitri Alperovitch, co-founder of the cyber firm CrowdStrike and now executive chairman of a think tank, the Silverado Policy Accelerator.
“Whether they work for the state or not is increasingly irrelevant, given Russia’s obvious policy of harboring and tolerating cyber crime,” he said.
According to a top Reuters cyber security reporter, DarkSide has its own web site on the dark web that claims the group has made millions from cyber extortion and features an array of leaked data from victims who failed to pay ransom.
Ken Dilanian is a correspondent covering intelligence and national security for the NBC News Investigative Unit.