Colonial Pipeline experienced problems again, while experts asses the Darkside profits

by Emma Davis
May 20, 2021
Colonial Pipeline problems again
Written by Emma Davis

On Tuesday, May 18, the computer systems of the American fuel giant Colonial Pipeline again experienced problems. In particular, the company’s customers could not access the system to place orders for fuel supplies through the pipeline, make changes to orders and trace the status of the order in real time.

According to Bloomberg, the pipeline itself worked without interruptions, but in order to obtain information about the condition of the transported fuel, customers had to use an additional communication system.

Without this system, it is very difficult to manually change the direction of the barrels. Let’s say there is a tense gasoline situation in Charlotte, and we can reroute barrels from Greensboro to Charlotte to help fill the market. If this is not done quickly, the barrels can go past Charlotte and continue on their way towards Greensboro.Andy Milton, the senior vice - President of the energy company Mansfield Energy explained.

After Bloomberg reported a computer crash in the Colonial Pipeline, the price of gasoline futures in the New York market rose 1%. However, when it became clear that the outage was not causing delays in fuel supplies, prices returned to normal.

Colonial Pipeline explained that the computer crash was caused by the company’s actions to recover from a ransomware attack earlier this month.

This morning, our internal server, which runs our fuel requisition system, experienced intermittent disruptions due to the measures we are taking to strengthen defenses as part of the recovery process. These issues were not related to ransomware or any other type of re-infection.Colonial Pipeline said in a statement.

At the same time, experts from the Elliptic company analysed the ransom payments of the ransomware group DarkSide, made on 47 different bitcoin wallets.

Since October 2020, cybercriminals have earned just over $90 million. About 10% of the profits were made in one week after attacks by just two companies: the American fuel giant Colonial Pipeline and the large German chemical company Brenntag. The attacks on the Colonial Pipeline and Brenntag brought cybercriminals a total of about $ 10 million. The first company paid almost $5 million, and the second – $4.4 million.

Over the past three months, the group has been able to earn $17.5 million, which is about 20% of the total profit.

According to experts from DarkTracer, the total number of victims of DarkSide is 99 companies and organizations, but this number may be slightly higher. The day before the announcement of the cessation of criminal activities, DarkSide attacked 59 more victims.

Because the perpetrators operated on a ransomware-as-a-service (RaaS) business model, DarkSide’s profits were split between malware developers and partners who hacked victims’ networks, stole data, and installed malware to encrypt files. DarkSide partners received from 75% to 90% of the profit, depending on the size of the ransom.

Let me also remind you that Hackers that Attacked Colonial Pipeline Reported Attacks on Three More Companies.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

View all posts

Leave a Reply

Sending