Big tech companies and the US Government join forces for a "Ransomware Task Force" as panic buying for gas starts in the US south and east coasts as a result of the Colonial Pipeline hack.
What is the Colonial Pipeline?
The Colonial Pipeline is a network of pipelines that deliver refined oil products to the southern and eastern United States. It is the largest pipeline system in the US and has the capacity to carry 3 million barrels of fuel from between Texas and New York in a single day. Many parts of the southern and eastern United States rely on the Colonial Pipeline to meet their fuel requirements.
The Colonial Pipeline Company closed down the pipeline system on Friday, 7th May after it discovered ransomware on its computer systems. The attack began on Thursday and hackers stole about 100 GB of data from the company's systems, as part of a double-extortion scheme. In this type of attack, a group of hackers steals data from a computer system and makes it unusable by the system's operators. The hackers then demand a ransom to restore the data and make the system operational again. The reason it is referred to as double extortion is that hackers also threaten that they will publicly release the stolen data if the ransom is not paid. These types of attacks are referred to as ransomware attacks.
In response to the attack, the Colonial Pipeline company chose to shut down the pipeline. In a statement, the company said they, "proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems." The company's goal is, "substantially restoring operational service by the end of the week."
The impact of the shutdown
The Colonial Pipeline delivers fuel to seven airports and 14 states. The system in total carries over 100 million gallons of fuel each day. The shutdown of the pipeline severely disrupted the delivery of fuel to many parts of the southern and eastern United States. Over the weekend, gas prices jumped significantly and consumers started to panic buy fuel after news of the hack spread. Currently, many gas stations are out of fuel, and in some areas consumers have had to wait hours to fill up their tanks.
The Biden administration urged consumers to remain calm and only purchase the fuel they need. In a video statement issued via Twitter, U.S. Deputy Energy Secretary, Dave Turk said, "We're working around the clock with our federal, state, local and industry partners to respond to the Colonial Pipeline cybersecurity incident,". Government officials are considering transporting fuel via train or ship if required and the Environmental Protection Agency has issued temporary waivers for fuel transportation in order to boost the supply of gasoline. Governors in several states that rely on the pipeline declared an emergency and are allowing stated to issue their own transportation waivers and provide additional funding to local government in order to maintain regular fuel supply.
Darkside takes responsibility for the attack
The FBI placed responsibility for the attack on the hacking group known as Darkside which is believed to operate out of Russia and is made up of experienced cybercriminals. The group targets English-speaking countries and has ransomware as a service model and rents out its services on the dark web. The group seems to be caught off guard by the declaration of an emergency. In a statement, the group said it only wanted to make money and regretted, "creating problems for society”.
The Ransomware Task Force
The number of Ransomware attacks across the globe is growing and the United State's infrastructure has increasingly been targeted by hackers. An initiative led by the US Department of Justice is to create a "Ransomware Task Force" that will be a broad coalition of big tech firms, Europol, and the UK National Crime Agency. Tech companies like Amazon, Microsoft, Cisco, and FireEye are urging governments to declare ransomware attacks as a threat to national security.
Featured image: Computer photo created by diana.grytsku - www.freepik.com
1. May 2021, V. Romo, "Panic Drives Gas Shortages After Colonial Pipeline Ransomware Attack", [avaialbe online] available from: https://www.npr.org/2021/05/11/996044288/panic-drives-gas-shortages-after-colonial-pipeline-ransomware-attack [accessed May 2021]
2. May 2021, C. Nuttall, "DarkSide’s ransomware-as-a-service", [available online] available from: https://www.ft.com/content/78b2decb-f14a-4bf2-8e5e-87a3076b72dc [accessed May 2021]
3. May 2021, S. Ikeda, "Big Tech and Government Agencies Collaborate To Put an End to Ransomware Payments", [avaialbe online] available from: https://www.cpomagazine.com/cyber-security/big-tech-and-government-agencies-collaborate-to-put-an-end-to-ransomware-payments/ [accessed May 2021]