Each day, the impact of ransomware attacks grows exponentially. Recently, a major cyber-attack occurred on the Colonial Pipeline in the United States. Colonial Pipeline operates the largest fuel conduit system in the United States, sending gasoline and jet fuel from the Gulf Coast of Texas to the east coast through a pipeline network serving 50 million consumers. The ransomware incident was associated with the hacker group DarkSide.
Who Are DarkSide?
DarkSide are a known cybercrime group that have been classified as sophisticated threat actors. Based on reports from the White House, there has been no evidence of Russia’s involvement with the group or the attack, even though the ransomware was traced back to Russia. The attack has ingrained the idea that the US has to work harder on its national defence, specifically in cyberspace, when it comes to national assets and critical infrastructure. The Biden administration has responded to this gap by initiating certain investments that will be used to accelerate the energy and power industries towards the best security upgrades, along with future investments in the infrastructure of these industries.
The BBC has noted that the objective behind DarkSide’s attack was not political, as the group leans towards making money from ransomware attacks. DarkSide themselves have stated, “We do not participate in geopolitics”.
Similarities to Telstra Hack
Interestingly enough, the attack on the Colonial Pipeline follows the same formula that was recently used in the hack of Telstra in Australia, in which the threat actors stole tens of thousands of business SIM cards.
Ransomware can be very tricky to get rid of – if a system is compromised, the actors lock or encrypt the system, and will not decrypt it unless a ransom is paid. In some cases, the company will pay that ransom in order to avoid a data leak.
To understand more about how ransomware occurs, and how to protect against it, contact us at Agilient.
Author: Saeed Baayoun