Many readers may not know that Colonial Pipeline is the largest pipeline system for refined oil products in the US. As reported, "Darkside", a cybercrime hacking group, hacked into Colonial Pipeline's systems and demanded a ransom. According to the FBI, Russia is accused of being behind this digital attack; however, the Russian government has fully denied the claims.
As a result, the renowned Georgia-based company paid around USD 5 million as ransom to get back its data. Just one week earlier, the company denied sending any money to the hackers as demanded; however, it found no other way to retrieve the company data. It is also said that the company was under immense pressure from several gasoline and fuel operators.
After receiving the ransom in bitcoin, the hackers provided the decryptor tool to the company to restore the hacked data. However, the tool was so slow that the company needed to use its own backups to get the data back. No official statement on this has been received from any of the Colonial Pipeline members. In addition, the company resumed its operations last Wednesday at 5 pm ET.
The company came to know about the incident on 7th May and immediately stopped its operations. The cyber attack and the paused operations led to a fuel shortage at gas stations on the East Coast.
Ransomware is a type of malware that is used to steal or lock a victim's data, which the attackers promise to unlock in exchange for a sum of money. When a hacker encrypts a file, it can only be restored using the corresponding decryption tool. As recorded, in 2020 around 400 million in ransom was paid by different companies to these digital attackers.
The FBI strongly advised companies to not pay any ransom to any of the hacking groups as there is no assurance that the hackers will return the data after getting the amount; we cannot trust or rely on their promises!
Ondrej Krehel, COO and founder of LIFARS (digital forensics), said:
"They had to pay, this is cyber cancer. Do you want to die or do you want to live? It's not a situation where you can wait."
Krehel is also a former cyber expert at Loews Corp.
Krehel further added that a ransom of USD 5 million is very low for Colonial Pipeline. Generally, hackers demand around USD 25 to USD 35 million for these types of ransom attacks.
Keep following ISOEH news to stay updated with global affairs.