Major US fuel pipeline taken down by ransomware attack


A major ransomware attack has severely impacted fuel deliveries across the US East Coast by shutting down one of the country’s largest pipelines. 

The Colonial Pipeline was reportedly knocked completely offline by the DarkSide ransomware group late last week. Experts say that fuel prices are likely to rise 2-3% this week, and that the impact is set to be far worse if the pipeline isn’t restarted soon.

Cybersecurity experts from Cybereason have been tracking the DarkSide ransomware gang since it first appeared in August 2020. According to their research, the group has recently released a new version of its ransomware that it claims has the fastest encryption speed, which gives victims little time to take action once their network is infected.


Double-extortion

Cybereason CEO Lior Div told TechRadar Pro that, like many other ransomware gangs, DarkSide uses a double-extortion scheme, in which they don’t just encrypt the victim’s data, but also exfiltrate it and threaten to make it public if the ransom demand is not paid.

In the Colonial pipeline attack, the group reportedly took almost 100GB of data hostage, which it threatened to leak onto the internet if the ransom was not paid.

While it isn’t clear how much ransom DarkSide has demanded from Colonial, Cybereason says the group's demands usually range from $200,000 to $2,000,000. The group is known to follow through with its threats and has published stolen data from more than 40 victims on its website, which Cybereason estimates to be just a fraction of the overall number of victims.

Stefan Schachinger, Product Manager, Network Security, IoT, OT, ICS at Barracuda, believes that Colonial was attacked through insecure remote access.

“Remote accesses are not insecure per definition but require proper security measures such as encryption and multifactor authentication. Organizations should also implement a layered defence strategy, with multiple technical hurdles that keep attackers and malicious software out,” he told TechRadar Pro.


The attack has put the spotlight on the threat to operational technology (OT) in civil infrastructure, amplified by the use of outdated or poorly protected software, as it is the latest in a string of recent cyber attacks on utilities.

A few months ago, an unsophisticated attacker managed to break into a water treatment utility in the city of Oldsmar, Florida, which was still running outdated Windows 7 PCs.

“The SolarWinds and Microsoft Exchange email server attacks were unparalleled in their scope, successfully infiltrating and compromising virtually every US government agency and a wide array of medium and large private sector companies. The Colonial Pipeline attack reinforces the need to update legacy systems running today’s critical infrastructure networks,” Div added.

Via The Guardian

Mayank Sharma
