Log in
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsOther languagesMarketScreener Strategies

U.S. pipeline hackers say their aim is cash, not chaos

05/10/2021 | 05:59pm EDT
Holding tanks are seen in an aerial photograph at Colonial Pipeline's Dorsey Junction Station

WASHINGTON/SAN FRANCISCO (Reuters) -The ransomware gang accused of crippling the leading U.S. fuel pipeline operator said on Monday that it never meant to create havoc, an unusual statement that experts saw as a sign the cybercriminals' scheme had gone awry.

The FBI accused the group that calls itself DarkSide of a digital extortion attempt that prompted Colonial Pipeline to shut down its network, threatening extraordinary disruption as Colonial works to get America's biggest gasoline pipeline back online by the end of the week.

A terse news release posted to DarkSide's website did not directly mention Colonial Pipeline but, under the heading "About the latest news," it noted that "our goal is to make money, and not creating problems for society."

The statement did not say how much money the hackers were seeking. Colonial Pipeline did not offer any comment on the hackers' statement and U.S. officials have said they have not been involved in ransom negotiations.

The hackers did not respond to Reuters requests for comment.

The FBI, Department of Energy and White House have all been involved in a rapid response to the hack, and a server used by the gang was shut down over the weekend.

A person familiar with the matter said on Monday that the server held Colonial data and also files stolen in other DarkSide ransomware operations in progress, and that some of the group's other victims were in the process of being notified.

The FBI office in San Francisco, which had already been investigating DarkSide, was now involved in the law enforcement probe into the Colonial attack along with the FBI in Atlanta, near where the pipeline company is based.

The FBI declined comment.

DarkSide's statement went on to say that its hackers would launch checks on fellow cybercriminals "to avoid consequences in the future." It added the group was "apolitical" and that observers "do not need to tie us" with any particular government.

The statement, which had several spelling and grammatical errors, appeared geared toward lowering the political temperature around one of the most disruptive digital extortion schemes ever reported.

Gasoline prices at the pump have already risen 6 cents in the latest week - potentially putting them on course for the highest level since 2014.

On Sunday the largest U.S. refinery - Motiva Enterprises LLC's 607,000 barrel-per-day (bpd) Port Arthur, Texas, refinery - shut two crude distillation units because of the outage at Colonial, according to people familiar with the matter.

Some security experts said the DarkSide hackers were now trying to put some distance between themselves and the chaos they had unleashed.

"This isn't the first time a threat group has gotten in over their heads," said Lior Div, the co-founder and chief executive of Boston-based security company Cybereason.

He said that ransomware groups like DarkSide depended on being able to squeeze their victims discreetly, without attracting too much law enforcement scrutiny.

"The global backlash is hurting their business," said Div. "It is the only reason they are offering a mea culpa."

There is evidence that the DarkSide group operates out of Russia, U.S. President Joe Biden told reporters on Monday. He said that while there was "so far" no evidence that the Russian government was involved, "they have some responsibility to deal with this."

A U.S. official said investigators were still working out the nuances of whether and to what degree the alleged Russian indifference to the cybercriminals was deliberate.

The Russian Embassy in Washington did not immediately return a message seeking comment. The Kremlin routinely denies having anything to do with cyberattacks on the United States.

Tackling the steady drumbeat of ransomware incidents taking American businesses hostage has ranked high on the Biden administration's list of priorities. A senior official with the U.S. Department of Homeland Security's cyber arm, CISA, said that the dramatic pipeline company hack should serve as a wakeup call well beyond the energy industry.

"All organizations should really sit up and take notice and make urgent investments to make sure that they're protecting their networks against these threats," said Eric Goldstein, CISA's executive assistant director for cybersecurity.

"This time it was a large pipeline company, tomorrow it could be a different company and a different sector. These actors don't discriminate."

(Reporting by Raphael Satter in Washington and Joseph Menn in San Francisco; additional reporting by Stephanie Kelly in New York; Editing by Howard Goller)

By Raphael Satter and Joseph Menn

ę Reuters 2021
12:08pUNITED RUSAL INTERNATIONAL PUBLIC JO : Abu Dhabi's Mubadala buys 2.6% of Russia'..
12:07aSHANGHAI STOCK EXCHANGE B SHARES IND : China's Heilongjiang Province Logs 10.2% ..
06/22Russia-focused gold miner Nordgold postpones London IPO
06/22DOW JONES FXCM DOLLAR INDEXá : SocGen Says Little Progress on The Banking Union ..
06/22It's time to invest vegan
06/22China, allies seek probe into indigenous children's remains in Canada
06/22OPEC+ discusses further easing of oil cuts from August -sources
06/22EU to extend steel safeguards for three more years
06/22Stocks, currencies look to Powell after hawkish remarks rattled markets
06/21Venezuela, under sanctions, asks local banks to make vaccine payments
More news
Duration : Period :
US Dollar / Russian Rouble (USD/RUB) Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends US DOLLAR / RUSSIAN ROUBLE (USD/RUB)
Short TermMid-TermLong Term