On the 8th of May 2021, Colonial Pipeline, the largest fuel pipeline in the United States, released a statement confirming that it had suffered a ransomware attack on the 7th of May 2021 and had taken the decision to shut down operations in order to stop the malware from propagating to other machines on the network.
As a result of the attack, gas supplies dropped drastically because the largest pipeline was down for days. This resulted in mass panic around America.
The FBI has confirmed that the DarkSide ransomware group was responsible for the attack.
DarkSide has always been known as a money-oriented group rather than one focused on the operations side of things. At the time of the attack, DarkSide was demanding a ransom of 75 bitcoin ($4.4 million).
Within a few hours of the attack, the company paid the ransom of almost $5 million to the attacker in order to restore the business. This went against guidelines issued by the FBI, which advise against paying ransoms in order to discourage threat actors.
Colonial Pipeline’s CEO explained that paying the ransom was necessary because it is the largest pipeline in the country and being down for days could have a disastrous impact on the US. He called it a controversial decision but believed that it was the right choice.
On the 7th of June 2021, the Justice Department was able to track the wallet through which the DarkSide transactions were made and to recover almost $2.3 million of the ransom.
The US President, Joe Biden, addressed the people, assuring them that things would be back to normal very soon.
He also claimed that the major pipeline itself is 5500 miles long and that it will take some time to return to normal operations.
The President has ordered gas stations around the US to be very cooperative with the people in the current situation and not to take any kind of advantage of the crisis.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.