On Monday, the Federal Bureau of Investigation (FBI) confirmed that the ransomware group held responsible for the attack that forced the shutdown of the Colonial Pipeline networks is ‘DarkSide,’ pinning the blame on an experienced cybercriminal group that has already hacked into scores of businesses in Europe and the United States of America.
The FBI said in a statement on May 10 that it confirms the Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks, and that it continues to work with the company and its government partners on the investigation.
FBI Statement on Compromise of Colonial Pipeline Networks https://t.co/XxHgezpref pic.twitter.com/McrRFOil64
— FBI (@FBI) May 10, 2021
A senior Justice Department source told FOX Business that the investigation into the attack continues because of the ransomware’s involvement, and described the sophistication of the tools involved as very high.
Darkside proclaimed its existence in August 2020 and claims it doesn’t attack educational, medical, or government targets, only large businesses, and that it donates a part of what it takes to charity.
Darkside has advertised stolen documents from nearly 80 businesses across Europe and the U.S. on its website
The group would collect information from a victim’s server, then encrypt it and request a pay-off. The gang would then upload the information to a leak website on the dark web, where it would be published should the pay-off not be received, risking the exposure of sensitive information for any victim corporation or organization. Darkside has advertised stolen documents from over eighty businesses across Europe and the United States on its website.
In a statement on Monday, Colonial Pipeline said they are offering resources to restore pipeline processes quickly and safely.
The company stated that segments of their pipeline are being brought back online in a stepwise manner, in compliance with relevant federal rules and in close consultation with the United States Energy Department (DOE), which is leading and coordinating the Federal Administration’s response.
Colonial Pipeline said further that they continue to assess product inventory in storage tanks at their facilities and others along their system and are working with their shippers to move that product to terminals for local delivery.
Moreover, the company said that actions taken by the Federal Administration to issue a temporary hours-of-service exemption for motor carriers and drivers carrying refined petroleum products across Colonial’s footprint should help alleviate local supply disruptions, and they thank their government partners for their assistance in resolving that matter.