On Monday, cyber-crime gang DarkSide claimed responsibility for compromising one of the largest U.S. fuel pipelines, The Colonial Pipeline Company.
In a statement posted to its website, DarkSide echoed a sentiment common across ransomware gangs — that they’re an apolitical group, only interested in making money — but seemed to acknowledge that by hampering the fuel industry, they may have crossed a line with the United States that no ransomware gang has crossed before.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined goverment and look for other our motives,” the gang posted, misspelling “government.”
“Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
Service is hoped to be restored by end of the week, but in the meantime, there’s been a huge disruption of service to the East Coast and consumers will likely be impacted by localized fuel outages or price increases. The incident is another example of the vulnerabilities that come with outdated energy infrastructures, following the hack of a water treatment facility in Florida earlier this year.
Mieng Lim, VP of product management at Digital Defense (www.digitaldefense.com), a provider of vulnerability management and threat assessment solutions, says:
“This attack on a vital fuel pipeline, like the recent attack on a Florida water facility, is a harbinger of what’s to come if we continue to neglect the cybersecurity of our critical infrastructure. Cyber criminals and nation state actors will continue to probe for and exploit these weaknesses. Spending to secure our critical infrastructure networks is like replacing a home’s faulty electrical wiring. It’s hard to see the results of the spend, but not spending could be devastating. Our economy and the health and welfare of our population is at risk. It’s a simple choice — increase the cyber security protecting our critical infrastructure or continue to be victims of escalating cyberattacks.”
I know I keep saying this, but companies everywhere need to figure out how to protect themselves from this sort of thing as this example illustrates just how dangerous and disruptive these attacks can be.