The F.B.I. confirms that DarkSide, a ransomware group, was behind the hack of a major U.S. pipeline.



The F.B.I. confirmed on Monday that the hacking group DarkSide was responsible for the ransomware attack that closed a U.S. pipeline providing the East Coast with nearly half of its gasoline and jet fuel.

The Biden administration is expected to announce an executive order in the coming days to strengthen America’s cyberdefense infrastructure.

President Biden said on Monday that the government had mitigated any impact the hack on the petroleum pipeline might have had on the U.S. fuel supply. He added that his administration had efforts underway to “disrupt and prosecute ransomware criminals.”

Colonial Pipeline, the operator of the system, issued a statement saying that restoring service “takes time.” It added that while the situation was “fluid and continues to evolve,” the company would restore service incrementally, with the goal of “substantially” resuming service by the end of the week.

Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said Monday afternoon that the government believed DarkSide was “a criminal actor” but was looking for any ties the group might have to nation-states.

She added that Colonial had not sought cyber support from the government, and said that she could not confirm if the company, a private corporation, had paid any ransom.

Mr. Biden also said on Monday that, so far, there was no evidence from U.S. intelligence officials that Russia was involved, but he added: “There is evidence that the actors’ ransomware is in Russia. They have some responsibility to deal with this.”

Colonial’s pipeline transports 2.5 million barrels each day, taking refined gasoline, diesel fuel and jet fuel from the Gulf Coast up to New York Harbor and New York’s major airports. Most of that goes into large storage tanks, and with energy use depressed by the coronavirus pandemic, the attack was unlikely to cause any immediate disruptions.

Late Friday, Colonial said in a vaguely worded statement that it had shut down its 5,500 miles of pipeline, which it said carried 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach. Earlier in the day, there had been disruptions along the pipeline, but it was not clear at the time whether that was a direct result of the attack or of the company’s moves to proactively halt it.


Source link


Please enter your comment!
Please enter your name here