Hackers of the US pipeline network demand ransom payment in monero or bitcoin

Key facts:
  • The amount of the ransom is not known, but the attack is blamed on the DarkSide ransomware gang.

  • Joe Biden takes exceptional steps to avoid fuel shortages.

A US pipeline located in Texas had to suspend its operations due to a cyber extortion attempt suffered on Friday, May 7, 2021, which is attributed to a group of hackers known as DarkSide. It is a gang of cybercriminals known for requesting payments in bitcoin (BTC) or in privacy-focused cryptocurrencies such as monero (XMR).

The firm that manages the pipeline facilities is Colonial Pipeline, based in Georgia. This pipeline is one of the most important distributors of refined gasoline and jet fuel on the Southeast Coast of the country, with almost 45% of the production (from the coast of the Gulf of Mexico to New York), according to BBC News.

As detailed in a statement issued by the company, it was a “ransomware” attack, a technique that involves the theft of information that is then encrypted to block access to it. Once the attack is carried out, the attackers demand a ransom to release it. The way these gangs now work also involves further extortion in case the victims do not pay the ransom: data is leaked on the dark web, and the victims are threatened with publication of all the stolen information to force them to pay.

The gang tried to seize nearly 100 gigabytes of data, threatening to leak it onto the Internet, but the FBI and other government agencies worked with private companies to counter the attack. The cloud computing system that the hackers used to collect the stolen data went offline on Saturday, Reuters reported.

The US Colonial Pipeline has been forced to halt its operations since Friday, May 7, due to the DarkSide ransomware. Source: IndustryAndTravel / elements.envato.com

Although Colonial Pipeline’s main IT lines are still inactive, some other secondary lines were already operating on Sunday, May 9, according to what was officially reported. This is the largest cyberattack to date on a vital service company in the United States, according to the Los Angeles Times.

President Joe Biden gave assurances that the government is working to prevent the shutdown from producing serious consequences, such as a possible fuel shortage. For this reason, this Sunday it issued a temporary exemption to relax restrictions on the transportation of fuel by land.

Ransomware attacks: a difficult-to-solve dilemma

As CriptoNoticias has reported in the past, the DarkSide ransomware group’s philosophy is to steal from large companies and then donate a part of the proceeds to charity.

So far, neither the amount of the ransom they are requesting from Colonial Pipeline nor whether the hackers’ demands have actually been met is known. But the typical ransom demands of this group are known to range from $200,000 to $20 million. DarkSide usually requests payments in monero (XMR) to avoid being discovered through transaction tracking; it also accepts BTC, in which case it applies a 10% surcharge.

These payments, however, do not completely solve the problem. First, paying these ransoms can be considered a federal crime, as determined by the United States Department of the Treasury, with the aim of not encouraging these crimes and of ensuring that the appropriate reports are filed in these cases.

On the other hand, as this outlet reported at the end of April, agreeing to pay does not mean recovering 100% of the stolen information; in fact, the average share of data recovered is close to 65%. Added to this are the losses from the time spent resolving and repairing the damage of the attack, as well as the lost opportunities.
