Thursday, May 13, 2021

Ransomware Hackers: Lowest of the Low Demands Long Prison Time


Low-lifers who hurt and cheat others
(Very real cyber threat)

Ransomware blackmail paid for pipeline shutdown – LA Times story with this headline:

Colonial Pipeline paid hackers nearly $5 million in ransom, sources say

Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the East Coast. Government officials were made aware that Colonial made the payment.

Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system. A representative from Colonial declined to comment, as did a spokesperson for the NSC (National Security Council).

The hackers, who the FBI says are linked to a group called “DarkSide,” specialize in digital extortion and are believed to be located in Russia (but probably not government connected) or in Eastern Europe.

Related story from the Wall Street Journal – Biden takes steps to combat hackers and strengthen cybersecurity.

A related ransomware story from Canada, with two notes:

Note 1 – Most ransomware gangs nowadays first steal files from a database, then lock the database against any access with strong encryption while demanding payment in untraceable money.

Note 2 – Many law enforcement agencies, like the FBI, urge victims not to pay any ransom to the hackers, as paying (1) not only encourages crime but (2) doesn’t guarantee that a decryption key will be provided even after the ransom payment.
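The two-phase pattern in Note 1 (bulk exfiltration first, then mass encryption) is something a defender can look for in host and network telemetry before the ransom note appears. The following is an added illustration, not code from the blog or from any product: a small Python heuristic that scans constructed log lines (the log format, host names, paths and thresholds are all assumptions made up for this example) and flags any host where a large outbound transfer is followed within a few hours by a burst of file writes that all share one new extension.

```python
"""Heuristic detector for the double-extortion ransomware pattern:
a large outbound transfer (possible data theft) followed by a burst of
file writes sharing one new extension (possible mass encryption).
All log lines below are constructed for this example; the line format,
host names, paths and thresholds are assumptions, not a real product's."""
import re
from collections import defaultdict, Counter
from datetime import datetime, timedelta

# Assumed log line format: "<iso-timestamp> host=<name> type=<event> key=value ..."
LINE_RE = re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) type=(?P<type>\S+) (?P<rest>.*)$")


def parse_line(line):
    """Parse one log line into a dict; return None for lines that don't match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = {"ts": datetime.fromisoformat(m["ts"]), "host": m["host"], "type": m["type"]}
    for kv in m["rest"].split():
        k, _, v = kv.partition("=")
        ev[k] = v
    return ev


def build_sample_log():
    """Constructed sample: fs01 sends 5 GB out, then rewrites 60 files with a
    .locked suffix; ws02 shows ordinary activity. Not real telemetry."""
    t0 = datetime(2021, 5, 7, 1, 0, 0)
    lines = [f"{t0.isoformat()} host=fs01 type=net_out bytes=5000000000 dst=203.0.113.10"]
    for i in range(60):
        ts = (t0 + timedelta(minutes=20, seconds=i * 5)).isoformat()
        lines.append(f"{ts} host=fs01 type=file_write path=/share/finance/report{i}.xlsx.locked")
    lines.append(f"{(t0 + timedelta(minutes=5)).isoformat()} host=ws02 type=net_out bytes=120000 dst=198.51.100.7")
    for i in range(5):
        ts = (t0 + timedelta(minutes=30, seconds=i * 60)).isoformat()
        lines.append(f"{ts} host=ws02 type=file_write path=/home/alice/notes{i}.txt")
    return lines


def detect_double_extortion(lines, exfil_bytes=1_000_000_000, burst_count=50,
                            burst_window=timedelta(minutes=10), max_gap=timedelta(hours=6)):
    """Return {host: finding} for hosts where an outbound transfer of at least
    exfil_bytes precedes (by at most max_gap) a run of burst_count file writes
    inside burst_window that all end in the same extension."""
    events = [e for e in map(parse_line, lines) if e]
    by_host = defaultdict(list)
    for e in events:
        by_host[e["host"]].append(e)

    findings = {}
    for host, evs in by_host.items():
        evs.sort(key=lambda e: e["ts"])
        exfils = [e for e in evs if e["type"] == "net_out" and int(e.get("bytes", 0)) >= exfil_bytes]
        writes = [e for e in evs if e["type"] == "file_write"]
        if not exfils or len(writes) < burst_count:
            continue
        # Slide a window of burst_count writes; a burst is one whose writes fall
        # inside burst_window and all carry the same final extension.
        for i in range(len(writes) - burst_count + 1):
            window = writes[i:i + burst_count]
            if window[-1]["ts"] - window[0]["ts"] > burst_window:
                continue
            ext, n = Counter(w["path"].rsplit(".", 1)[-1] for w in window).most_common(1)[0]
            if n < burst_count:
                continue
            prior = [x for x in exfils if timedelta(0) <= window[0]["ts"] - x["ts"] <= max_gap]
            if prior:
                findings[host] = {"exfil_bytes": int(prior[-1]["bytes"]), "exfil_dst": prior[-1]["dst"],
                                  "extension": ext, "burst_start": window[0]["ts"].isoformat()}
                break
    return findings


if __name__ == "__main__":
    for host, finding in detect_double_extortion(build_sample_log()).items():
        print(host, finding)
```

Run on the constructed sample, only fs01 is reported: a 5 GB transfer to an external address followed twenty minutes later by a run of writes all ending in .locked. Tuning the thresholds is the real work; the point is that the exfiltration phase is often the earlier and quieter signal, which matters because, as Note 2 says, paying after encryption buys nothing certain.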

My 2 cents: I thought we did not pay terrorists for their demands.

In this case, the gas delivery company, Colonial Pipeline, is the largest pipeline system for refined oil products in the U.S. Their pipeline is 5,500 miles long and can carry 3 million barrels of fuel per day between Texas and New York.

It is operated by Colonial Pipeline Company, with its HQ in Alpharetta, GA. The company was founded in 1961 and construction of the pipeline began in 1962.

FYI: Colonial had seven spills in four years in the late 20th century, three of which (1996 to 1999) caused significant environmental damage to waterways in the Southeast.

In 2020, Colonial had one of the largest gasoline spills from a pipeline ever, at 1.2 million gallons, in a nature preserve in Huntersville, NC.

Seems this company now has cyber “spills” too, so to speak (pun intended).

Stern steps need to be taken to combat this sort of hacking, including steps to track and trace cryptocurrency, and stern steps against any Russian or other EU government-related hackers if such a connection is later proven (which remains to be seen), though hopefully they are not government connected. That would be a serious issue if proven.

Also, those countries where DARKSIDE is operating need to crack down on them, take stern steps to shut them down, and show that they won’t tolerate such activities, thereby improving foreign relations as well.

Stay tuned, and thanks for stopping by.
