Cantonese pub

Palestinians clash with Israeli police in Jerusalem

The Canadian Press

Cyber ​​attack on US pipeline linked to criminal gang

NEW YORK – The cyberextortion attempt that forced the shutdown of a vital US pipeline was carried out by a criminal gang known as DarkSide that cultivates Robin Hood’s image of robbing businesses and slashing businesses. charities, said a person familiar with the investigation. Sunday. The shutdown, meanwhile, continued into its third day, with the Biden administration saying an “all on the ground” effort is underway to restore operations and avoid disruptions in the fuel supply. Experts said gasoline prices are unlikely to be affected if the pipeline returns to normal in the coming days, but the incident – the worst cyberattack to date on critical US infrastructure – should serve as a alarm signal to companies on vulnerabilities. they confront. The pipeline, operated by Georgia-based Colonial Pipeline, transports gasoline and other fuels from Texas to the northeast. It provides about 45% of the fuel consumed on the East Coast, according to the company. He was hit by what Colonial called a ransomware attack, in which hackers typically block computer systems by encrypting data and then demand a large ransom to free it. The company did not say what was requested or who requested it. However, the person close to the investigation, speaking on condition of anonymity, identified the culprit as DarkSide. He is one of the ransomware gangs that have “professionalized” a criminal industry that has cost Western countries tens of billions of dollars in losses over the past three years. DarkSide says it doesn’t attack medical, educational, or government targets – only large corporations – and donates a portion of its catch to charity. It has been active since August and, typical of the most powerful ransomware gangs, it is known to avoid targeting organizations in countries of the former Soviet bloc. Colonial did not say whether he paid or negotiated a ransom, and DarkSide did not announce the attack on its dark website or answer questions from an Associated Press reporter. Lack of recognition usually indicates that a victim is negotiating or has paid. Commerce Secretary Gina Raimondo said on Sunday that ransomware attacks are “what businesses need to be worried about now” and that she will work “very vigorously” with the Department of Homeland Security to resolve the issue, the qualifying as absolute priority for the administration. “Unfortunately, this type of attack is more and more frequent,” she said on CBS’s “Face the Nation”. “We need to work in partnership with businesses to secure networks in order to defend against these attacks. She said President Joe Biden had been briefed on the attack. “It’s an off-road effort right now,” said Raimondo. “And we are working closely with the company, state and local authorities to make sure they get back to normal operations as quickly as possible and there is no disruption of supply. The person close to The Colonial investigation said the attackers also stole data from the company, presumably for extortion purposes. Sometimes stolen data is more valuable to ransomware criminals than the leverage they gain crippling a network, as some victims are reluctant to see sensitive information transmitted to them online. Security experts said the attack should be a warning to operators of critical infrastructure – including utilities electricity and water and energy and transportation companies – that failure to invest in updating their security puts them at risk of disaster. Ed Amoroso, CEO of TAG Cyber, said Colonial was lucky his attacker was at least ostensibly motivated solely by profit, not geopolitics. because they are probably more vulnerable to more serious attacks, ”he said. example, crippled the electricity grid in Ukraine during the winters of 2015 and 2016. Cyberextortion attempts in the United States have become a phenomenon of fatal cuts by the thousands over the past year, with attacks on hospitals causing delays in cancer treatment, interrupting schooling and paralysis of the police and municipal authorities. Tulsa, Oklahoma, this week became the 32nd state or local government in the United States to be attacked by ransomware, said Brett Callow, threat analyst at cybersecurity firm Emsisoft. The average ransoms paid in the United States nearly tripled to over $ 310,000 last year. The average downtime for victims of ransomware attacks is 21 days, according to Coveware, which helps victims respond. David Kennedy, founder and senior senior security consultant at TrustedSec, said that once a ransomware attack is discovered, companies have little recourse but to completely rebuild their infrastructure or pay the ransom. “Ransomware is absolutely out of control and is one of the biggest threats we face as a nation,” Kennedy said. “The problem we face is that most businesses are unprepared to deal with these threats.” Colonial transports gasoline, diesel, jet fuel and heating oil from refineries on the Gulf Coast through pipelines from Texas to New Jersey. Its pipeline network spans more than 5,500 miles, transporting more than 100 million gallons per day. Debnil Chowdhury, of research firm IHSMarkit, said if the outage lasts one to three weeks, gas prices could start to rise. “I wouldn’t be surprised, if it ends up being an outage of this magnitude, if we see a 15 to 20 cent increase in gasoline prices over the course of the week or two,” he said. The Department of Justice has a new task force dedicated to combating ransomware attacks. While the United States has not suffered any serious cyberattacks on its critical infrastructure, officials say Russian hackers in particular are known to have infiltrated certain critical sectors, positioning themselves to do damage if armed conflict breaks out. Iranian hackers have also been aggressive in trying to gain access to utilities, factories, and oil and gas facilities. In one case in 2013, they broke into the control system of a US roadblock. ___ Bajak reported from Boston. AP writers Alan Suderman in Richmond, Virginia, and Martin Crutsinger and Michael Balsamo in Washington contributed to this report. Mae Anderson and Frank Bajak, The Associated Press

Leave a Reply

Your email address will not be published.