The FBI has confirmed that a hacker group called “DarkSide” is the mastermind behind the attack on America’s largest pipeline network.
The FBI confirmed on Monday that the ransomware attack that forced Colonial Pipeline, which supplies fuel to much of the United States, to shut down its network was carried out by the mysterious DarkSide group.
“FBI confirms DarkSide ransomware responsible for compromising Colonial Pipeline networks.” The company, which sends fuel through an 8,850-kilometer pipeline off the coast of Texas, serves 50 million consumers, according to a report by the Federal Bureau of Investigation (FBI).
“We continue to work with the company and our government partners on the investigation,” the Federal Bureau of Investigation said in a statement.
Colonial Pipeline, for its part, confirmed that it was reopening “in stages” and planned to regain capacity by the weekend, meaning it had paid the ransom demanded by the hackers. Usually, the amount of money is covered by insurance policies.
The pipeline carries petrol and other fuels from Texas to the northeast of the country. It supplies about 45% of the gasoline consumed on the East Coast, the company said. It was affected by what Colonial described as a “ransomware” attack, in which hackers often encrypt information to block access to computer systems, disable networks, and then demand a large ransom to free up the network.
Colonial Pipeline said Sunday that it is in the process of recovering some of its information technology systems. The company says it is in contact with law enforcement and other federal agencies, including the Department of Energy, which is leading the federal government’s response. The company did not disclose what was demanded or who was responsible.
DarkSide is one of the “ransomware” groups that have “professionalized” a criminal sector that has caused billions of dollars in losses to some Western countries over the past three years.
Experts speculate that DarkSide is located in an Eastern European country. The group says that it does not attack medical, educational or government targets, only large corporations, and that it donates a portion of the proceeds to charities. It has been in operation since August and, like most powerful “ransomware” groups, is known for not attacking organizations in former Soviet countries.
It was not disclosed whether Colonial paid or negotiated a ransom, and DarkSide did not announce the attack on its deep web site or respond to press requests. The lack of details regarding the ransom often indicates that the victim is negotiating or has already paid.
Colonial Pipeline reported Sunday that it was developing a “system restart” plan. It indicated that its main pipeline was not yet in service, but that some smaller lines were already in operation. “We are in the process of restoring service to other branches and will only fully restore our online system when we believe it is safe to do so, and we will fully comply with all federal regulations,” the company said in a statement.
Commerce Secretary Gina Raimondo said on Sunday that “ransomware” attacks were “a concern for companies now” and that she was “actively” working with the Department of Homeland Security to resolve the issue, making it one of the government’s top priorities.
“Unfortunately, these types of attacks happen often,” she told CBS’s “Face the Nation.” “We need to work with businesses to make networks more secure to protect against these attacks.”
(With information from AFP and AP)