
DarkSide ransomware attack

By Peter Rosenstreich

Last week’s cyber-attack on the Colonial Pipeline made headlines with shocking images of US east coast gas stations inundated with cars queuing for fuel, hammering home the vulnerability of today’s tech-driven world.

Now confirmed as a ransomware attack, the incident halted fuel distribution across the east coast, and the cybercriminals successfully secured a hefty ransom. The company paid 75 bitcoin, worth approximately US$5 million, for a swift restoration of services.

The DarkSide group claimed responsibility for the attack and it has since been revealed that the hackers had targeted the company’s business network, not the more sensitive operational technology networks that control the pipeline. Colonial opted to take itself offline to reduce the extent of the damage.

As a result, 5,500 miles of pipeline were shut down, triggering widespread fuel shortages in the southeast and sparking panic buying. Colonial carries nearly half of the fuel supply on the East Coast, including gasoline, diesel, heating oil and jet fuel.

Little information has come to light about the DarkSide group, though speculation by cybersecurity researchers suggests the cyber-criminal gang may be Russian, as their software appears to avoid encrypting any computer systems with Russian language preferences.

The group appears to operate professionally, alerting victims to attacks with screen pop-ups and an information pack detailing the encryption of their computers and servers. A comprehensive list of seized data is provided, along with a URL of a ‘personal leak page’ where sensitive data is already uploaded for mass publication should the company not meet demands before a certain deadline.

London-based cybersecurity firm Digital Shadows has uncovered DarkSide’s website on the dark web and reports that it lists all the companies hacked, an inventory of stolen assets and an ‘ethics’ page that includes a ‘safe list’ of organisations.

DarkSide’s hack has revealed the risk ransomware poses to critical infrastructure, and its ability to wreak havoc on society, not just businesses.

Like the evil plot in a James Bond film, prices at the pump rose six cents per gallon to $2.967 per gallon for regular unleaded gasoline, and Wall Street shares in US energy firms increased 2.0%.

Gasoline prices have already been extra sensitive as economies navigate their post-Covid return to normal. Demand, especially fuel for cars, is on the rise as consumers and workers return to the roads for business and leisure.

In paying DarkSide’s ransom, Colonial Pipeline has set a dangerous precedent by giving in to the hackers’ demands. Protection against a ransomware epidemic, according to experts, requires companies to stay united in refusing to negotiate with cybercriminals. Making significant upgrades in cybersecurity defences is the only way forward.