Colonial Pipeline, the biggest fuel pipeline in the United States, recently suffered a cyberattack that led to the theft of almost 100 gigabytes of data, reported Forbes. The hackers also encrypted the company’s computers and demanded ransom.
The attack was initiated by a new hacking group called DarkSide, which has been particularly active in 2020. The group is known for being “Robin Hood” hackers after it donated some of the ransom money it obtained from victims last year to charity.
In an attempt to mitigate the threat, the company took its systems offline. However, some parts of its systems remained encrypted and are subject to the DarkSide ransomware. The malicious actors are asking for money in exchange for regaining access to the affected computers and confidentiality of the stolen data.
The company released a statement assuring customers that it is taking action to address the matter. It suspended its operations, reported CNBC. Currently, 5,500 miles of pipeline, which supplies almost half of fuel supplies on the East Coast, is down.
Colonial said, “We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations.”
The hack is seen as one of the most significant incidents in the energy industry, according to former senior White House policy advisor Bob McNally. He commented that this is the “biggest energy disruption” since drones attacked Saudi Arabian oil sites in 2019.
Meanwhile, the federal government is currently on the move to prevent supply disruptions with the help of the Department of Energy and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
Commerce Secretary Gina Raimondo believes that such incidents could be a regular threat to companies. She said, “Unfortunately, these sorts of attacks are becoming more frequent.”
“They’re here to stay, and we have to work in partnership with business to secure networks to defend ourselves against these attacks,” Raimondo added.
Meanwhile, the hacking group is believed to be very young but organized, according to Reuters. Cyber expert Lior Div, CEO of security firm Cybereason, said that the group “looks like someone who’s been there, done that.”
Div and other experts theorize the group probably consists of ransomware veterans, in light of the cybercrime it was able to do after it emerged in mid-2020.