The Colonial Pipeline Hack
As you may have heard by now, Colonial Pipeline, the largest fuel pipeline in the United States, was hit with a devastating ransomware attack.
Colonial Pipeline is responsible for pushing 2.5 million barrels per day through its 5,500-mile pipeline along the East Coast. That fuel accounts for about 45% of all the fuel consumed on the East Coast, and on Friday it was all forced to a halt.
The pipeline giant was hit with a ransomware attack from a group known as DarkSide, a suspected Russian-based ransomware-as-a-service organization that creates custom ransomware for its paying clients to deploy on targets such as the pipeline.
After gaining so much attention from this attack, the DarkSide group issued a press release seemingly showing that they did not intend to shut down the pipeline and were unaware that their client was targeting such an operation.
"We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.
Our goal is to make money, and not creating problems for society.
From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future."
DarkSide first made their appearance in August of 2020 and were unique in that they claimed they would never target certain types of organizations, such as hospitals, schools, government and non-profit organizations.
They claim to hit only companies that they know can pay the ransom without the payment destroying the company.
Based on the code of the ransomware and how the group behaves, DarkSide is heavily suspected to be located in Russia and made up of members of the previous well-known ransomware-as-a-service groups REvil and GandCrab.
Whether or not the group knew what they were targeting, the shutdown of the gas pipeline has hit the Southeast hard, with gas stations across the area running out of fuel and having to shut off their pumps.
It is believed that the shortage will last until the end of the week as Colonial Pipeline continues its recovery and ensures that the ransomware is removed from their network.