You may have thought ransomware only targeted individual people or companies. As it turns out, it can also strike at the heart of our country and take down critical infrastructure. Last week, a cyberattack shut down one of the nation’s largest pipelines, which transports more than 100 million gallons of fuel products every day. Now that Colonial Pipeline’s operations ground to a screeching halt, we can expect rippling effects throughout the rest of the country.
Primarily, you can expect gas prices to shoot upwards. That’s because Colonial Pipeline provides around 45% of the East Coast’s fuel. To contain the breach, it shut down 5,500 miles of pipeline. That means many customers are going without gasoline and jet fuel, which might lead to shortages.
This attack is the perfect illustration of an issue the federal government’s been slow to address. Aging infrastructure connected to the internet is riddled with vulnerabilities that put many of the nation’s most critical agencies at risk. But last week’s attack is historic, some experts say, and it makes one thing crystal clear: America’s energy is in danger.
What’s going on?
The Transportation Department is doing all it can to avoid a disruption of supply. That’s why it issued a regional emergency declaration in 17 states on Sunday. Basically, this increases trucking hours to make sure fuel is flowing and getting delivered over the roads.
Although many main parts of the pipeline are still offline, Colonial Pipeline says parts are back up. These are just “smaller lateral lines between terminal and delivery points,” though. In other words, it may be a while before things return to normal.
Energy analyst Amy Myers Jaffe said this is a historic attack. “It’s the most significant, successful attack on energy infrastructure we know of in the United States,” she told Politico.
CYBERATTACKERS KEEP ASSAULTING THE GOVERNMENT: How Russian hackers may have found our nuclear secrets
Officials aren’t sure if we’ll see an extended outage or if most of the pipeline will be restored soon. Rapidan Energy Group gave us a grave view of the future. “[An] extended outage would likely see spot retail price spikes and even product shortages in harder-to-resupply middle and southeastern states, especially if there’s hoarding,” it said in a note.
In other words, we might see something similar to the toilet paper craze in the early pandemic. Remember when people were hoarding cleaning supplies, water and toiletries?
If people start hoarding gas, that could steal your mobility. You might go to the gas station to fill up your tank — only to find out that the supply is empty since someone else bought it all. You’d be stranded at home, unable to drive anywhere.
Who’s behind the attack?
On Monday, the FBI confirmed the source of the attack: DarkSide. That’s a professional cybercriminal group that loves to extort victims through ransomware.
Organized and professional, DarkSide usually goes after for-profit companies from English-speaking countries. Not only does it carry out attacks, but it also develops and sells hacking tools to other cybercriminals. “Think of it as the evil twin of a Silicon Valley software start-up,” CNBC reporter Eamon Javers said.
Reuters says the hackers stole over 100 gigabytes of data from Colonial Pipeline’s cloud computing system, which went offline on Saturday. Despite causing chaos in America’s energy sectors, the hacking group claims it didn’t mean to create problems. It released a public statement confirming its only goal was money.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives. Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”DarkSide, quoted by Twitter account DarkTracer: DarkWeb Criminal Intelligence
Remember, ransomware attacks everyone — not just big companies or government agencies. Oftentimes, cybercriminals try to fish for money through individuals like you. If you want more info on how to protect yourself from ransomware, we have you covered.
Should I pay the ransom if I’m attacked by ransomware?