The ransomware encrypted the servers of Colonial Pipeline Co., the company that produces and supplies half of the gasoline and diesel on the East Coast.
The Colonial Pipeline provides 45% of the total fuel supply to the states on the US East Coast. More than 454 million litres of fuel are pumped daily through the pipelines it serves.Colonial said it hired a third-party cybersecurity firm to begin an investigation into “the nature and extent of this incident,” and has also contacted law enforcement and other federal agencies.
After the release of the cyberattack announcement, the cost of fuel futures on the New York Mercantile Exchange rose. By 12:00 on the East Coast, the price of gasoline supplies in June increased by 0.85% – to $2.1317 per gallon (3.785 litres), diesel fuel – by 1.06%, to $2.0106 per gallon.
According to CNN, citing sources from the number of former employees of the US administration who worked in the field of cybersecurity.
According to journalists, hackers calling themselves DarkSide may be behind the attack. According to CNN, the group “comes from Russia.”
At the same time, Bloomberg agency notes that DarkSide may be associated with both Russia and the Eastern European countries.
NBC News sources have also suggested that the hackers may have a connection with Russia. According to them, the attack may not have been undertaken by the government, but carried out by hackers as part of a “criminal scheme.” A cyber-criminal gang that took a major US fuel pipeline offline over the weekend has acknowledged the incident in a public statement.
After this statement is interesting to recall that Darkside ransomware operators donate money to charity.
In a cyberattack on May 7, Colonial Pipeline shut down some systems to “contain a threat that temporarily halted all operations.” Operator work has not yet been restored.
The US authorities have declared a regional emergency in linkage with the suspension of the largest operator of the Colonial Pipeline.
