Pipeline hackers say they want money, not mayhem
The ransomware hacking group that shut down Colonial Pipeline last week said on its website Monday that it was looking to make money and not “problems for society.”
Reuters reports that the group, dubbed DarkSide, posted on its website that “our goal is to make money, and not creating problems for society.” The group did not say how much money they were demanding. They added they were “apolitical,” saying observers “do not need to tie us” to any particular government.
DarkSide did not mention Colonial Pipeline by name. The statement had several spelling and grammatical errors, Reuters notes. Experts told the outlet that the group may be based in Eastern Europe as the ransomware has been set to avoid encrypting computers that use Russian, Ukrainian and other languages from former Soviet countries.
The FBI on Monday confirmed that DarkSide was responsible for the cyberattack that shut down the Colonial Pipeline.
“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation,” the agency wrote in a statement.
On Monday, Colonial Pipeline said it expected to “substantially” restore operations to its pipeline by the end of the week.
“This plan is based on a number of factors with safety and compliance driving our operational decisions, and the goal of substantially restoring operational service by the end of the week,” the company said.
Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, told Reuters that this attack should serve as a wakeup call for all people, including those outside of the energy industry.
“All organizations should really sit up and take notice and make urgent investments to make sure that they’re protecting their networks against these threats,” Goldstein said.
On Sunday, the The Federal Motor Carrier Safety Administration issued a regional emergency declaration in response to the cyberattack, lifting restrictions on drivers and motor carriers working to assist areas affected by the shutdown.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..