The FBI has declared that the cybercriminal behind the recent Colonial Pipeline was a ransomware variant known as DarkSide.
Operations at the Colonial Pipeline were brought to a standstill on Monday after a ransomware cyberattack led to the company taking certain systems offline to contain the threat.
Colonial transports 100 million gallons of fuel daily to customers from Texas to New York and transports 45% of all fuel consumed on the east coast. It is the largest pipeline for moving gas and diesel products in the US at 2.7 million miles.
Colonial has stated it is currently aiming to ‘substantially’ restore pipeline operations by the end of the week. US law enforcement officials, meanwhile, will continue to monitor the activity of DarkSide.
A private advisory to US companies by the FBI obtained by CyberScoop highlighted that the organisation had been tracking the DarkSide ransomware variant since October last year.
The advisory said, “Darkside has impacted numerous organizations across various sectors including manufacturing, legal, insurance, healthcare and energy. The authors of DarkSide lease their hacking tools to other criminals in a “ransomware-as-as-service” model that splits the proceeds among the perpetrators.”
The US Transportation Department issued an emergency directive on Sunday to lessen any pressure on fuel supply caused by the affair. This directive will allow drivers in 17 states and the District of Columbia to work longer hours to transport fuel.
The Biden administration has already begun to tackle the growing number of cybercrime issues in the US, recently establishing a Justice Department task force aimed at studying the incentives that have to pay the ransom.
In December last year, software company SolarWinds suffered a major hack that predominantly impacted US government departments. SolarWinds has over 300,000 customers.
President Biden recently announced a 100-day plan focused on rapidly strengthening US power grid cybersecurity. The plan will be headed by the US Department of Energy and will be supported by the Cybersecurity and Infrastructure Security Agency.
Copyright © 2021 FinTech Global