Washington: Colonial Pipeline, the largest fuel pipeline company in the United States, paid $5 million in ransom to cyber attackers. Last Friday, the fuel pipeline was hit by a ransomware attack. Besides, the company shut down its oil pipeline and fuel supply completely after the cyberattack. The Russian-based hacker group, DarkSide, carried out the attack. This incident has brought ransomware attacks on US government and private agencies and companies to the forefront.
Leading US website Bloomberg published a news article about the ransom paid by Colonial Pipeline to the DarkSide hackers. As per the statement released by the company on Thursday, the company has informed about resuming its routine operations, but it does not mention the demanded ransom. Moreover, Bloomberg has reported that US government officials have confirmed a ransom payment was made.
In an interview, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, said that the US government condemns such extortions. But, at the same time, Neuberger said, “Companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data,” and assured the US government would not pressurise the companies. US Secretary of Energy Jennifer Granholm warned that the ‘Colonial incident’ is severe. Besides, Granholm stated that the United States must now focus on investing more in Energy Sector’s cybersecurity.
Over the past year, the DarkSide hacker group, which extorted money from Colonial Pipeline, has increased its activities. This group has targeted over 80 US and European companies with ransomware attacks in the last nine months. Furthermore, the group exclusively targets large private companies and avoids government systems, hospitals, and educational institutions. Although these hackers are known to be from Russia, there is no evidence of them being associated with the Russian government.
Meanwhile, along with news of the US company making a ransom payment, reports of Ireland’s health service and Japanese multinational company Toshiba being hit by ransomware cyberattacks have surfaced. The cyberattack on Ireland’s health service is massive and has forced it to shut down its computer network. It is a ransomware cyberattack and is being investigated, informed the sources. On the other hand, Toshiba has disclosed that its computer networks in Europe have been subjected to a cyberattack. Moreover, Toshiba has said the attack had been carried out by the DarkSide hacker group, which targeted the US pipeline.