The FBI confirmed Monday that the cybercriminal group known as DarkSide is behind the ransomware attack that led to the shutdown of a pipeline over the weekend that provides nearly half of the fuel used on the East Coast.
The cyber attack on Colonial Pipeline, a firm that funnels 100 million gallons a day, prompted the company to shut down its network, triggering a potentially massive disruption to millions of people and businesses as gasoline deliveries dry up. The company says it will restore service incrementally, with the goal of having the pipeline almost completely operational by the end of the week.
It’s being called “the most significant, successful attack on energy infrastructure we know of in the United States,” according to one energy industry observer.
DarkSide is a hacker group that cybersecurity experts say usually stick to selling ransomware hacking tools to other criminals, who then carry out attacks. The group posted the following statement on its website, as a way to clarify its intentions for the attack.
They seem to be suggesting they were not aware their ‘client’ was planning such a disruptive attack, and would better vet future partners in the future. And while the statement attempts to make clear DarkSide is after money and not political impact, there has been no mention about how much money they are seeking.
The attack and subsequent shutdown of the pipeline is already having an impact. There are reports of isolated sales restrictions at gas station pumps, and benchmark gasoline prices have reached a three-year high. It also underscored the vulnerability of America’s aging energy infrastructure.
Lawmakers are calling for stronger protections for critical U.S. energy infrastructure, and the White House has assembled a federal task force to assess the impact and avoid more severe disruptions. President Biden is also pushing for steps to be taken to prevent any fuel supply concerns.