FBI names pipeline cyberattackers as company promises to restore services

10 May 2021, 21:14

Pipeline Cybersecurity Attack
Pipeline Cybersecurity Attack. Picture: PA

Colonial Pipeline halted operations last week after revealing a ransomware attack that it said had affected some of its systems.

The operator of a major US fuel pipeline hit by a cyberattack has said it hopes to have services mostly restored by the end of the week as the FBI and administration officials identified the culprits as a gang of criminal hackers.

Colonial Pipeline, which delivers about 45% of the fuel used on the US East Coast, halted operations last week after revealing a ransomware attack that it said had affected some of its systems.

On Monday, US officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not been disrupted, and the company said it was working towards “substantially restoring operational service” by the weekend.

But the attack underscored the vulnerabilities of the nation’s energy sector and other critical industries whose infrastructure is largely privately owned. Ransomware attacks are typically carried out by criminal hackers who scramble data, paralysing victim networks, and demand large payments to decrypt it.

Pipeline-Cybersecurity Attack
(AP)

The Colonial attack was a reminder of the real-world implications of the burgeoning threat. Even as the Biden administration works to confront organised hacking campaigns sponsored by foreign governments, it must contend with difficult-to-prevent attacks from cybercriminals.

“We need to invest to safeguard our critical infrastructure,” President Joe Biden said on Monday.

The attack came as the administration, still grappling with its response to massive breaches by Russia of federal agencies and private corporations, works on an executive order aimed at bolstering cybersecurity defences.

The Justice Department has formed a ransomware taskforce designed for situations like Colonial Pipeline, and the Energy Department on April 20 announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. Similar actions are planned for other critical industries.

Despite that, the challenge facing the government and the private sector remains immense.

In this case, the FBI moved with unusual speed to pinpoint blame, saying the criminal syndicate whose ransomware was used in the attack is named DarkSide.

The group’s members are Russian speakers, and the syndicate’s malware is coded not to attack networks using Russian-language keyboards.

Joe Biden
Joe Biden (Evan Vucci/AP)

Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, said at a briefing that the group emerged a few months ago. She said the group’s business model is to demand ransom payments from victims and then split the proceeds, relying on what she said was a “new and very troubling variant”.

She declined to say if Colonial had paid any ransom, and the company has not given any indication of that.

Though the FBI has historically discouraged victims from making payments for fear of promoting additional attacks, she acknowledged “the very difficult” situation victims face and said the administration needs to look “thoughtfully at this area”.

The US sanctioned the Kremlin last month for a hack of federal government agencies that officials have linked to a military intelligence unit and described as an intelligence-gathering operation. In this case, though, the hackers are not known to be working at the behest of any foreign government.

The group posted a statement on its dark web site describing itself as apolitical. “Our goal is to make money, and not creating problems for society,” DarkSide said.

Asked on Monday whether Russia was involved, Mr Biden said: “I’m going to be meeting with President (Vladimir) Putin, and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there is evidence that the actors, ransomware, is in Russia.

“They have some responsibility to deal with this.”

By Press Association

Latest World News

See more Latest World News

Video footage shows the convoy had emergency lights flashing when it was hit

Israel admits ‘mistakenly’ killing 15 aid workers after video leak contradicted official version of events

Jaguar Land Rover has paused shipments to the US in the wake of 'Liberation Day' tariffs

Jaguar Land Rover halts shipments to US in wake of tariffs as Trump insists he'll win 'economic revolution'

Flowers and toys left on a swing seat to commemorate victims killed in Russia's missile attack on Friday

Death toll from Russian strike on Zelenskyy's home town rises as 18 confirmed dead - including nine children

Donald Trump's 10% tariff on UK products has officially come into force

Trump tariffs come into force as global stock markets plunge deeper into the red

Tom Howard

British tourist killed after being struck by boulder on trek through Himalayas

In this photo provided by the Ukrainian Emergency Service, a car burns following a Russian missile attack that killed more than a dozen people, including children, in Kryvyi Rih, Ukraine, Friday, April 4, 2025. (Ukrainian Emergency Service via AP)

Russia kills 16 people including three children in missile strike on Zelenskyy's home town, with dozens wounded

Travel influencer Mykhailo Viktorovych Polyakov, 24, made an illegal visit to North Sentinel Island

Tourist who left Coke for world's most isolated tribe 'could have wiped them all out' - and police 'can't go collect can'

White House weighs in to support ‘censored’ anti-abortion activists in Britain

White House looking to support ‘censored’ anti-abortion activists in Britain

This image provided by NASA shows Nick Hague, right, Suni Williams, and Butch Wilmore. (NASA via AP)

Stranded NASA astronauts reveal they were almost trapped in space 'forever' after horror malfunction

Donald Trump demands France 'free Marine Le Pen'

Donald Trump demands France 'free Marine Le Pen' after far-right leader found guilty of embezzlement in 'witch hunt'

China will impose a 34% retaliatory tariff on imports from the US

China announces additional 34% tariffs on US imports in retaliation over Trump's 'Liberation Day' levies

Friends of Prince Andrew say he's "unsurprised" Giuffre made the post

Prince Andrew 'not surprised' his accuser shared shock post saying she had 'four days to live'

South Korea's impeached President Yoon Suk Yeol

South Korea president Yoon Suk Yeol removed from office as impeachment upheld over martial law declaration

Virginia Giuffre

Woman driving Prince Andrew accuser Virginia Giuffre during crash that left her with 'four days to live' breaks silence

Exclusive
'Donald Trump has made Putin comfortable,' Mikhail Khodorkovsky has warned

'Trump has made Putin comfortable' despite massive Ukraine war losses, exiled former oligarch tells LBC

The bodies of Andrew Searle and his wife Dawn were discovered by a neighbour.

British couple found dead in south of France home being ‘treated as murder-suicide’