Colonial Pipeline Darkside ransom hack shows nobody safe

“Following this restart, it will take several days for the product delivery supply chain to return to normal,” the Georgia-based Colonial Pipeline Co said in a statement. “They must invest in the state-of-the-art security programs, which must be constantly updated,” he said, arguing that blockchain technology provides the best protection against unwanted interference by third parties. “Naturally, infrastructures in Europe and in fact anywhere else in the world can become a potential target of the Darkside,” he added. The BKA presented the federal picture of the Cybercrime 2018 in Germany. It was later reported that Colonial Pipeline paid nearly $5 million as a ransom to hackers after the company fell victim to the cyberattack. Zaborowski explained that the Darkside operates like a business, which can be contracted to perform an attack on selected services and demand a ransom in exchange for decryption tools. The Colonial Pipeline, an important source of refined oil products in the US, is 5,500 miles long and can carry 3 million barrels of fuel per day between Texas and New York. The cyberattack on it caused gas price hikes as motorists feared fuel shortages. As Colonial Pipeline tried to restore most of its operations, lines of panic buyers formed at gas stations across the Southeastern United States. “Encryption mechanisms rarely give a chance of successful decryption; this is the case when it is much easier and cheaper to prevent infection than to correct the consequences of an attack that has already occurred,” Yarnikh said. “Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal,” the company added. “As a company, we participate and promote the non-profit initiative in every possible way “Of course, paying a ransom is sending a signal of encouragement to cyber criminals.
Zaborowski told New Europe that the Darkside group first emerged on Russian-language forums and that the Colonial Pipeline attack is believed to have originated from Russian territory. “In my opinion, we need an international format for investigating such incidents. Yarnikh called for an international format for investigating ransomware cyberattacks. “It’s highly effective and commercially minded,” he said.

A digital screen displays a live cyber hack attack during a press conference at the Federal Criminal Police Office (BKA) in Wiesbaden, Germany, 11 November 2019. EPA-EFE/RONALD WITTEK

So that the affected companies do not pay a ransom and have the opportunity to save their data for free. “We continue to work with the company and our government partners on the investigation,” the FBI said in a statement. Andrey Yarnikh, head of strategic projects at Russia’s Kaspersky Lab, told New Europe on May 14 that encryption ransomware programs are currently one of the most dangerous trends for the Internet. “However, the involvement of the Russian government seems unlikely at this point in time,” the GLOBSEC expert said. He noted that efforts were underway with the FBI and DOJ – Department of Justice – to disrupt and prosecute ransomware criminals. “Unfortunately, this is not always possible… according to the attribution of cyberattacks, it is also impossible to draw unambiguous conclusions, criminals sell each other attack tools, use false traces and specifically leave false flags in order to direct researchers on a false trail,” Yarnikh said. The GLOBSEC expert said the payment risks encouraging other criminal groups to take US companies hostage by seizing control of their computers.

Batten down the encryption hatches








The largest pipeline system for refined oil products in the US, the Colonial Pipeline, was shut down last week after a ransomware cyberattack. Earlier, Deputy National Security Adviser for Cyber and Emerging Technologies Anne Neuberger said transnational criminals are most often the perpetrators of these crimes, and they often leverage global infrastructure and global money laundering networks. Atlantic Council expert Cynthia Quarterman, who is a distinguished fellow at the Global Energy Center and former administrator of the US Department of Transportation’s Pipeline and Hazardous Materials Safety Administration, said any increase in gas prices “is likely to be mildly escalatory and short-lived.” But she added that the hack “exposes the soft underbelly of the nation’s critical energy infrastructure”. “They have some responsibility to deal with this,” Bloomberg quoted Biden as telling reporters at the White House on May 10, after announcing that “my administration will be pursuing a global effort of ransomware attacks”. The Colonial Pipeline said on May 12 it will take several days for the product delivery supply chain to return to normal and pledged to move as much gasoline, diesel and jet fuel as is safely possible.

By Kostis Geropoulos
Energy & Russian Affairs Editor, New Europe

US President Joe Biden has said that Russia bears some responsibility for the Colonial Pipeline cyberattack, but stopped short of blaming the Kremlin. “In that circumstance, an environmental, explosive, or economic catastrophe might not be averted.”
Colonial Pipeline had to shut the pipeline down on May 8 following a cyberattack; the FBI later confirmed that the Darkside ransomware was responsible for the compromise of the pipeline networks. If a company like Colonial, which should have the resources for robust cyber defenses, could be “paralyzed,” Quarterman added, that means smaller companies are even more vulnerable to attack. “We can expect more cyberattacks now,” Zaborowski said. Marcin Zaborowski, policy director of the GLOBSEC Future of Security Program, told New Europe on May 13 that companies must assume that sooner or later they will become cyber-security targets. “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period. On May 12, the pipeline initiated the restart of operations but the attack highlights the risk of cyber-security threats against important energy infrastructures. not the accusatory bias of ‘probably and possibly’ but joint work – possibly at the UN level – to counter cross-border criminals,” he told New Europe.