State of emergency declared in the USA due to attack on the largest pipeline: Russian hackers are suspected
A Russian criminal group may be responsible for the ransomware attack that shut down a major fuel pipeline in the United States, two sources familiar with the situation said. NBC News.
The group, known as DarkSide, is relatively new, but has a sophisticated approach to extortion, according to sources.
Commerce chief Gina Raimondo said the White House is working to help Colonial Pipeline, the Georgia-based company that operates the pipeline, restart its 5500-mile (8851 km) network.
The system, which stretches from Texas to New Jersey, transports 45% of the East Coast's fuel. The company said in a May 9 statement that some of the smaller branches of the pipeline are operational, but the main lines are not.
“We are in the process of restoring service to other branches and will only return our complete system to operational status when we believe it is safe and in full compliance with all federal regulations,” the company said.
Raimondo told CBS's "Face the Nation" that trying to restart the network is "a collective effort right now."
“We are working closely with the company, state and local officials to ensure that normal operations are resumed and there are no supply disruptions as quickly as possible,” she said. "Unfortunately, these types of attacks are becoming more frequent."
As noted by Air forceOn May 9, the US government issued a state of emergency after the attack. Drivers in 18 states can work overtime or flexible hours when transporting petroleum products.
Fuel prices in the United States on Monday, May 10, remained virtually unchanged, but there are concerns that they may change if the shutdown continues.
Independent oil market analyst Gaurav Sharma told the BBC that there is now a lot of fuel left at refineries in Texas.
“If they don’t figure it out on Tuesday, they’ll be in big trouble,” Sharma said. "Atlanta and Tennessee will be the first to hit, then the domino effect will hit New York."
He said that oil futures traders are now "struggling to meet demand at a time when US inventories are shrinking and demand - especially for fuel for cars - is growing as consumers return to the roads and the economy recovers."
On Sunday, May 9, a White House spokesman said the Department of Energy was leading the government's response. According to the official, the agencies are planning a number of scenarios in which fuel supplies to the region could be affected.
On Saturday, May 8, Colonial Pipeline blamed ransomware for the cyberattack and said that some of its information technology systems were affected. The company said it had "proactively" shut down "certain systems to contain the threat."
Sources said that while Russian hackers often work for the Kremlin as freelancers, early indications indicate that this was a criminal scheme and not a state attack.
But the fact that the country's largest gas pipeline had to be closed underscores how vulnerable US cyber infrastructure is to criminals and national adversaries such as Russia, China and Iran, experts say.
“This may be the most effective ransomware attack in history, and a cyber disaster is turning into a real disaster,” said Andrew Rubin, CEO and co-founder of Illumio, a cybersecurity company.
“This is an absolute nightmare and a recurring nightmare,” he said. - Organizations still rely and fully invest in detection as if they can prevent all breaches. But this approach does not count attacks over and over again. Before the next inevitable hack, the President and Congress must act on our broken security model. ”
You may be interested in: top New York news, stories of our immigrants and helpful tips about life in the Big Apple - read it all on ForumDaily New York
“If a Russian group is the culprit, it will underscore that Russia is giving free rein to criminal hackers targeting the West,” said Dmitry Alperovich, co-founder of the cyber firm CrowdStrike, who is executive chairman of the Silverado Policy Accelerator think tank.
“Whether they work for the state or not does not matter, given Russia's apparent policy of harboring and tolerating cybercrime,” he said.
According to a leading cybersecurity reporter for Reuters, DarkSide has its own website on the darknet, which hosts an array of leaked data from victims who, it says, did not pay the ransom. The reporter claims the group has made millions from cyber extortion.
Read also on ForumDaily:
stdClass Object ([term_id] => 1 [name] => Miscellaneous [taxonomy] => category [slug] => no_theme)Miscellaneous
stdClass Object ([term_id] => 12 [name] => In the US [taxonomy] => category [slug] => novosti-ssha)In the U.S.
stdClass Object ([term_id] => 7038 [name] => infrastructure [taxonomy] => post_tag [slug] => infrastruktura)infrastructure
stdClass Object ([term_id] => 11083 [name] => Russian hackers [taxonomy] => post_tag [slug] => rossijskie-xakery)Russian hackers
Do you want more important and interesting news about life in the USA and immigration to America? Subscribe to our page in Facebook. Choose the "Display Priority" option and read us first. Also, don't forget to subscribe to our РєР ° РЅР ° Р »РІ Telegram - there are many interesting things. And join thousands of readers ForumDaily Woman и ForumDaily New York - there you will find a lot of interesting and positive information.