The FBI confirmed that the hacker group "DarkSide" was the author of the attack against the largest network of pipelines in the US.
The Colonial Pipeline company indicated that it began the reopening "in stages." It is not known if you made the payment demanded by the digital pirates
The FBI confirmed on Monday that a ransomware attack by the mysterious group. DarkSide forced the closure of the Colonial Pipeline network that supplies fuel to much of the United States.
" The FBI confirms that the DarkSide 'ransomware' is responsible for compromising the networks of Colonial Pipeline, " a company that ships fuel from the Gulf Coast of Texas to the populous East Coast through 8,850 kilometers of pipelines, serving 50 million consumers, informed the Federal Bureau of Investigation (FBI) in a statement.
"We continue to work with the company and our government partners on the investigation," the Federal Bureau of Investigation said in a statement.
Colonial Pipeline, for its part, confirmed that it is starting a reopening "in stages" and that it plans to regain capacity by the weekend, which could mean that it paid the ransom demanded by the hackers. Usually, the amounts of money are covered by insurance policies.
The pipeline transports gasoline and other fuels from Texas to the northeast of the country. It delivers almost 45% of the gasoline consumed on the east coast, according to the company. It was inspired by what the colony described as a ransom attack, in which hackers often demanded large ransoms to block access to computer systems, paralyze networks, and then free the network. To encrypt information.
Colonial Pipeline said Sunday that it was in the process of restoring some of its information technology systems. The company says it continues in connection with law enforcement and other federal agencies, including the Department of Energy, which is managing the federal government's response. The company has not disclosed what was required of it or who did it.
The Dark Side is one of the ransomware groups that has "professionalized" a criminal sector that has cost some Western countries tens of billions of dollars over the past three years.
Experts speculate that Dark Side is based in an Eastern European country. The organization ensures that it does not attack medical, educational, or government targets, but only large companies. A portion of the proceeds goes to charities. It has been active since August and, like most powerful "ransomware" groups, is known for not attacking organizations in countries that previously belonged to the Soviet bloc.
The Colonial did not elaborate on whether it had paid or negotiated a ransom, and Dark Site has not announced an attack on its deep website or responded to reporters' requests. The need for ransom details often means that the victim is negotiating or has paid.
The colonial pipeline said Sunday it was developing a "system reboot" plan. He indicated that his main pipeline was still out of work but that some smaller pipelines were already in operation. The company said in a statement: b" Will do In full compliance with
Commerce Secretary Gina Raymondo said on Sunday that companies now need "attacks" on things they need to worry about and that they are working closely with the Department of Homeland Security to address the issue. Will work, which he said is one of the government's top priorities.
"Unfortunately, these kinds of attacks are becoming more frequent," he told CBS's The Nation of Fiction. We need to work in partnership with businesses to make the Defender Network more secure in defending against these attacks.