The largest pipeline network in the United States confirmed to have suffered a “ransomware” attack: who are the alleged hackers

Colonial Pipeline, the largest pipeline network in the United States, paralyzed all of his operations and confirmed having suffered ransomware attack in which a group of hackers blocked access to company computers and demanded money to free them.

In a statement, the company revealed that it had to suspend all operations on Friday due to a “ransomware” attack.

Colonial did not disclose who may be behind the attack, although cybersecurity experts point out how possible suspect of “DarkSide”, a group of hackers with a recent history of operations that some experts suspect to be based in Eastern Europe.

The agency Bloomberg reported that the attackers stole around 100 gygabites of company information in just a few hours on Thursday, under a double extortion scheme, one of DarkSide’s characteristics: on the one hand, the company is threatened with information leakage; on the other hand, the systems remain inaccessible until the ransom is paid.

At the moment, it is not known how much money they have requested from Colonial, but in the past asked for hundreds of thousands to millions of dollars, paid in crypto-currencies. It is not uncommon for companies to pay, backed by insurance policies.

Darkside hackers, who have so far not confirmed authorship of the attack, gained attention last year with a proclamation of moralistic tint, and they showed receipts for donations to charities.

In addition, the group assures that it is not part of its plans to hack schools, hospitals, nonprofits or government entities, but rather big companies that can pay the ransoms. Most of its goals have been achieved in English-speaking countries.

Meanwhile, the Georgia state-based colonial company said it was working “diligently” to resolve the issue and minimize disruption for its customers. For the time being, the transport of fuel is still suspended in the 8,850 kilometers of oil pipelines managed by Colonial, essential to supply the large towns in the east and south of the country.

The company transports up to 2.5 million barrels of gasoline, diesel and jet fuel per day from refineries in the Gulf of Mexico to the southern and eastern United States. % of fuel transport in this area, according to its website.

To restore service, Colonial said it hired a “big” cybersecurity firm and worked with government agencies. Colonial has not disclosed the name of the company, but US media point to “FireEye,” one of the largest cybersecurity companies in the United States that provides services to businesses and governments.

US President Joe Biden was briefed on the incident on Saturday, according to a White House spokesman, who assured government cybersecurity agencies were doing everything possible to ensure Colonial could restore fuel transportation as quickly as possible. possible.

According to cybersecurity firm Coveware, last year victims of “ransomware” had to pay an average of $ 310,000 to unlock their computer systems. It is one of the biggest “ransomware” attacks ever made public in the United States.

Some lawmakers have already called for stricter regulations to protect the country’s energy infrastructure and have expressed concern about the impact this could have on fuel prices. So far, however, the impact on fuel prices has been minimal, with only a 1% increase in the value of gasoline and diesel in the futures markets.

The pandemic has reduced fuel use, mainly due to reduced transportation, so if service is restored quickly, the impact could be minimal. However, If the interruption lasts several days, the effects could be negative and mainly affect the southeast of the country, warned the American Automobile Association..

(With information from EFE)

KEEP READING: