US fuel pipeline hackers reveal their motive

Colonial Pipeline was forced to suspend 5,500 miles of pipeline between Texas and New York after hackers breached its networks

The hackers behind the ransomware attack on the largest pipeline operator in the US, Colonial Pipeline, have revealed the motive behind the data theft.

According to a statement released by DarkSide, the hacking group responsible for the attack, the cyber criminals were not planning to create issues for the general public. The hackers went on to maintain that their goals were purely financial and that the hacking group was "apolitical" and not state-backed.

“Our goal is to make money, and not creating [sic] problems for society,” the hackers stated in a post on their website, adding that there is no “need to tie” them with any particular government. The hacking group had been suspected to be supported by a Russian or other post-Soviet state due to their history of targeting US organisations.

DarkSide pledged to carry out checks on fellow cyber criminals “to avoid consequences in the future” similar to the ones created by their attack on Colonial Pipeline, which took place late last week.

The pipeline operator has released a new statement confirming that its services will remain inactive for another few days and that it will attempt to restore them in a phased approach:

“This plan is based on a number of factors with safety and compliance driving our operational decisions, and the goal of substantially restoring operational service by the end of the week,” the company announced.

Colonial Pipeline's website is currently inaccessible due to a 502 Bad Gateway error.

10/05/2021: Ransomware leads to shutdown of US fuel pipeline

A ransomware attack has led to the shutdown of one of the main fuel pipelines in the US after hackers targeted the networks of Colonial Pipeline.

The company, which manages 45% of the US east coast’s fuel supplies, was forced to suspend 5,500 miles of pipeline between Texas and New York after falling victim to a double-extortion scheme carried out by the DarkSide ransomware group. 

DarkSide, which is believed to be based in a post-Soviet country, is known for targeting US organisations. The group recently made headlines for selling information about their ransomware attacks to stock traders, and months earlier, it attempted to donate around $20,000 in stolen Bitcoin to charity before the donations were refused.

Last Thursday, DarkSide managed to obtain almost 100GB of data from Colonial Pipeline’s network, before locking computers with ransomware and demanding payment, two people involved in the investigation told Bloomberg. This forced the fuel operator to shut down operations on Friday, with the incident being confirmed by the company on Saturday.

“On May 7, Colonial Pipeline Company learned it was the victim of a cyber security attack and has since determined that the incident involved ransomware. Quickly after learning of the attack, Colonial proactively took certain systems offline to contain the threat. These actions temporarily halted all pipeline operations and affected some of our IT systems, which we are actively in the process of restoring,” Colonial Pipeline stated.

“Leading, third-party cybersecurity experts were also immediately engaged after discovering the issue and launched an investigation into the nature and scope of this incident. We have remained in contact with law enforcement and other federal agencies, including the Department of Energy who is leading the Federal Government response,” it added.

The Biden administration announced an emergency loosening of regulations for the transport of petroleum products on highways, with the Department of Transportation issuing a temporary waiver to enable oil products to be shipped in tankers up to New York.

However, government cyber security expert at Nominet, Steve Forbes, warned that “the attack on Colonial is likely to have a ripple effect across the globe”.

“While the demand for oil across the US east coast is evident, the fact that this is already impacting the financial markets and traders, demonstrates that it really is the tip of the iceberg. That’s not to mention the fact that the severity of this breach will worsen if confidential information is leaked, as the group has threatened. Being able to take systems offline and begin a process of restoration is undeniably important, but there is an additional threat if this data is exposed. It underlines the importance of international collaboration to bring down these highly coordinated groups early in their development if we want to protect our critical services,” he told IT Pro.

“As we watch the domino effect of this cyber attack, it is very apparent that impact is not limited to systems and software - victims will come in all shapes and sizes, from industries to individuals,” added Forbes.

Earlier this year, a water treatment facility in Florida was targeted in a failed attempt to poison the water supply after hackers infiltrated the facility and ramped up the sodium hydroxide (NaOH) levels. The computer systems of the water treatment facility, located in the city of Oldsmar, Florida, were remotely breached twice on 5 February.
