Biden Says Colonial Pipeline Attack Tied to Russian Ransomware Hackers

May 11, 2021 by Tom Ramstack
Biden Says Colonial Pipeline Attack Tied to Russian Ransomware Hackers
In this Sept. 8, 2008 photo traffic on I-95 passes oil storage tanks owned by the Colonial Pipeline Company in Linden, N.J.(AP Photo/Mark Lennihan)

WASHINGTON — The ongoing energy crisis created by a Russian gang’s ransomware attack late last week led the Biden administration to announce a multi-pronged strategy for confronting it on Monday.

While President Biden declared an emergency, Colonial Pipeline officials said they expect to resume transporting most of the company’s roughly 100 million gallons of gasoline and other fuel daily by the end of this week.

The company’s pipeline serves customers along a route that runs from Houston to New York, representing about 45% of the refined fuel sold on the East Coast.

A group the FBI identified Monday as “Darkside” not only shut down Colonial Pipeline but also stole 100 gigabytes of data from the company’s servers. The members threatened to release the information on the internet if it is not paid a ransom of an undisclosed amount.

Biden added, “There is evidence that the actor’s ransomware is in Russian. They have some responsibility to deal with this.”

The gang posted a message on the dark web saying they wanted “only to make money” but denied any government affiliation.

Ransomware refers to an attack by computer hackers who lock out the rightful users and say they will not unlock the network until the victims pay a fee.

Biden announced a “whole of government” emergency response Sunday. The Energy Department is taking the lead, first by calling utilities to discuss strategies for stopping the attacks and also assessing the damage with state officials.

Other agencies joining the response after White House meetings during the weekend are the departments of Defense, Homeland Security, Transportation, Treasury and Justice.

The Justice Department is using its cybersecurity task force that started operating last month. Biden said he is putting together an executive order to deal with the emergency.

On Sunday, the Transportation Department announced it would relax restrictions on transporting fuel by trucks during the pipeline interruption. The temporary rules expand the “hours of service” trucks and their drivers can operate on highways in the affected states.

“[The Transportation Department’s] top priority is safety, and while current circumstances dictate providing industry flexibility, [the Federal Motor Carrier Safety Administration] will work closely with its state and industry partners to monitor driver work hours and conditions for the duration of the exemption,” a Transportation Department statement says.

The ransomware targeted at Colonial Pipeline is heightening concerns about the vulnerability of U.S. computer-controlled infrastructure after several high-profile attacks. They included the 2020 SolarWinds hack, also traced to the Russians.

SolarWinds compromised sensitive data from many government agencies, including the Defense Department, the Treasury Department, the State Department and the Homeland Security Department.

The Justice Department announced last month that 2020 was the worst year yet for ransomware attacks. Some of the demands for money reached into the millions of dollars.

Biden said at a White House press conference Monday that the attacks reaffirm the need for the improved infrastructure he plans as a centerpiece of his $2.3 trillion economic development plan. One component of his plan that started last month is a public-private cybersecurity initiative.

“It began with a 100-day sprint to improve cybersecurity in the electric sector, and we will follow that with similar initiatives for national gas pipelines, water and other sectors. In addition to companies stepping up, we need to invest to safeguard our critical infrastructure,” Biden said.

However, he acknowledged that the government must depend on private companies for much of the security. They own about 85% of the nation’s infrastructure, according to government estimates.

Elizabeth Sherwood-Randall, the White House domestic security adviser, said during the Monday press briefing, “When those companies are attacked, they serve as the first line of defense and we depend on the effectiveness of their defenses.”

Alpharetta, Ga.-based Colonial Pipeline claims its 5,500-mile network is the largest U.S. pipeline carrier of refined fuels.

A+
a-
TWN
  • Colonial Pipeline
  • Darkside
  • Joe Biden
  • ransomeware
    • linkedin linkedin

    In The News

    Health

    Voting

    Cybercrime

    October 7, 2023
    by Dan McCue
    Hackers Access DC Voter Records

    WASHINGTON — Hackers breached the District of Columbia's Board of Elections website on Thursday, gaining access to 600,000 "lines" of... Read More

    WASHINGTON — Hackers breached the District of Columbia's Board of Elections website on Thursday, gaining access to 600,000 "lines" of U.S. voter data, including D.C. voters reports, city officials said. Sarah Winn Graham, the spokeswoman for the board, said a hacking group known as RansomVC claimed... Read More

    July 18, 2023
    by Tom Ramstack
    Congress Told AI Holds Great Risks and Benefits for US Military

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it... Read More

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it falls behind in developing the technology but a bright future by taking the lead. One of the greatest risks would be defending against a foreign enemy... Read More

    May 17, 2023
    by Tom Ramstack
    US Prosecutors Indict Russian for Ransomware Attacks

    WASHINGTON — The Justice Department indicted a Russian citizen Tuesday prosecutors accused of ransomware campaigns that netted him and his... Read More

    WASHINGTON — The Justice Department indicted a Russian citizen Tuesday prosecutors accused of ransomware campaigns that netted him and his conspirators about $200 million in stolen payments. The victims were mostly in the United States. They included nonprofits, hospitals and police departments, such as the Washington,... Read More

    March 16, 2023
    by Tom Ramstack
    SEC Seeks Court Order in Investigation of Chinese Cyberattack

    WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s... Read More

    WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s biggest law firms. The SEC says it is trying to investigate the extent of 2020 cyberattacks in the United States, such as the one that penetrated... Read More

    January 20, 2023
    by T-Mobile Says Data on 37M Customers Stolen
    T-Mobile Says Data on 37M Customers Stolen

    BOSTON (AP) — The U.S. wireless carrier T-Mobile said Thursday that an unidentified malicious intruder breached its network in late... Read More

    BOSTON (AP) — The U.S. wireless carrier T-Mobile said Thursday that an unidentified malicious intruder breached its network in late November and stole data on 37 million customers, including addresses, phone numbers and dates of birth. T-Mobile said in a filing with the U.S. Securities and... Read More

    December 5, 2022
    by TWN
    Philip Morris International Taking Proactive Role to Help Consumers Know, Fight Illegal Trade

    WASHINGTON — Illegal trade isn’t good. It’s not good for companies who depend on the revenue from their products to... Read More

    WASHINGTON — Illegal trade isn’t good. It’s not good for companies who depend on the revenue from their products to expand and add jobs, and it’s certainly not good for the consumers who unknowingly shell out considerable sums of money for knockoffs that ultimately fall far... Read More

    News From The Well
    scroll top