
FBI names pipeline cyberattackers

Stevicus

FBI names pipeline cyberattackers as company promises return (apnews.com)

WASHINGTON (AP) — Hit by a cyberattack, the operator of a major U.S. fuel pipeline said Monday it hopes to have services mostly restored by the end of the week as the FBI and administration officials identified the culprits as a gang of criminal hackers.

Colonial Pipeline, which delivers about 45% of the fuel consumed on the East Coast, halted operations last week after revealing a ransomware attack that it said had affected some of its systems. On Monday, U.S. officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not been disrupted, and the company said it was working toward “substantially restoring operational service” by the weekend.

Nonetheless, the attack underscored the vulnerabilities of the nation’s energy sector and other critical industries whose infrastructure is largely privately owned. Ransomware attacks are typically carried out by criminal hackers who scramble data, paralyzing victim networks, and demand large payments to decrypt it.

They believe it was criminal hackers, and they said there was no evidence to indicate it was done by the Russians or another government. But the hackers are Russian-speaking, although they may not be connected with the government. But President Biden says the Russian government has some responsibility just the same.

The Colonial attack was a potent reminder of the real-world implications of the burgeoning threat. Even as the Biden administration works to confront organized hacking campaigns sponsored by foreign governments, it must still contend with difficult-to-prevent attacks from cybercriminals.

“We need to invest to safeguard our critical infrastructure,” President Joe Biden said Monday. Energy Secretary Jennifer Granholm said the attack “tells you how utterly vulnerable we are” to cyberattacks on U.S. infrastructure.

The attack came as the administration, still grappling with its response to massive breaches by Russia of federal agencies and private corporations, works on an executive order aimed at bolstering cybersecurity defenses. The Justice Department, meanwhile, has formed a ransomware task force designed for situations just like Colonial Pipeline, and the Energy Department on April 20 announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. Similar actions are planned for other critical industries, such as water and natural gas.

Despite that, the challenge facing the government and the private sector remains immense.

The group is called "DarkSide," and said on their deep web site that they're "only out to make money, not cause problems for society."

In this case, the FBI moved with unusual speed to pinpoint blame, saying the criminal syndicate whose ransomware was used in the attack is named DarkSide. The group’s members are Russian speakers, and the syndicate’s malware is coded not to attack networks using Russian-language keyboards.

Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, said at a briefing that the group has been on the FBI’s model for months. She said its business model is to demand ransom payments from victims and then split the proceeds with the ransomware developers, relying on what she said was a “new and very troubling variant.”

She declined to say if Colonial Pipeline had paid any ransom, and the company has not given any indication of that one way or the other. Though the FBI has historically discouraged victims from making payments for fear of promoting additional attacks, she acknowledged “the very difficult” situation that victims face and said the administration needs to look “thoughtfully at this area” of how best to deter ransomware.

“Given the rise in ransomware, that is one area we’re definitely looking at now to say, ‘What should be the government’s approach to ransomware actors and to ransoms overall?’”

Speaking later in the day at a conference on national security, Neuberger said the administration was committed to leveraging the government’s massive buying power to ensure that software makers make their products less vulnerable to hackers.

“Security can’t be an afterthought,” Neuberger said. “We don’t buy a car and only then decide if we want to pay for seatbelts and airbags.”

The U.S. sanctioned the Kremlin last month for a hack of federal government agencies, known as the SolarWinds breach, that officials have linked to a Russian intelligence unit and characterized as an intelligence-gathering operation. In this case, though, the hackers are not known to be working at the behest of any foreign government.

The group posted a statement on its dark web site describing itself as apolitical. “Our goal is to make money, and not creating problems for society,” DarkSide said.

Asked Monday whether Russia was involved, Biden said, “I’m going to be meeting with President (Vladimir) Putin, and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there is evidence that the actors, ransomware, is in Russia.

“They have some responsibility to deal with this,” he added.

U.S. officials have sought to head off anxieties about the prospect of a lingering economic impact and disruption to the fuel supply, especially given Colonial Pipeline’s key role in transporting gasoline, jet fuel, diesel and other petroleum products through 10 states between Texas and New Jersey.



 

Revoltingest

Not "make money" ... but steal money through deceit.
And here I thought you'd praise them for taking filthy lucre from greedy businesses.
DarkSide explained: the ransomware group responsible for Colonial Pipeline cyberattack
Excerpted....
On the leak site, the ransomware group claims to have a code of conduct that prevents attacks against funeral services, hospitals, palliative care, nursing homes, and some companies involved in the distribution of the COVID-19 vaccine.

DarkSide also seems to have gone to some lengths to portray themselves as a kind of Robin Hood. As noted by Cybereason, the group claims that part of ransomware payments go to charity.

"Some of the money the companies have paid will go to charity," DarkSide said in a forum post. "No matter how bad you think our work is, we are pleased to know that we helped change someone's life."
 