It’s been less than two weeks since a criminal cybergang group known as DarkSide succeeding in shutting down a pipeline that transports 45% of the United State’s gas and fuel supply along the East Coast, causing severe outages from Georgia to Virginia. While Colonial Pipeline slowly resumed operation last week, service will likely be impacted in the near-term.
Cyber and ransomware attacks have become more frequent and more severe in recent years, targeting schools, hospitals, corporations, and government networks. The ransomware attack on the Colonial Pipeline further demonstrates what cyberattacks—perpetrated by nonstate actors—can do to disrupt U.S. markets.
It also hints at how devastating a large-scale cyberattack, launched by a hostile nation-state, could be.
DarkSide, which surfaced in August 2020, has openly acknowledged that its malware was used by associates in the case of the Colonial Pipeline attack. The group fashions itself as a modern-day cyber Robin Hood—making money off of the rich and even donating some to charity.
Ransomware platforms, like the one used in the Colonial Pipeline attack, usually operate through a routine of double or triple extortion, insisting on money for both the decryption key to unlock an organization’s files and servers while also requesting ransom for a commitment to destroy any data stolen.
The organization is part of a constellation of criminal actors—long-known in the cybersecurity world—that emanates from Russia and its former Soviet states, as well as North Korea, China, Syria, and Iran.
Russian Presiden ..
Support the originator by clicking the read the rest link below.
