U.S. East Coast gasoline supply cut, hackers apologize

A horror scenario has occurred in the US: Cyber criminals have shut down one of the country's largest pipelines. The White House is alarmed, gasoline prices are rising. And criminals with a Robin Hood image are behind the attack. But this matter is now getting too hot for them.

Nothing works anymore. After one of the most devastating cyberattacks known to date, the operation of one of the largest gasoline pipelines in the United States has been suspended until further notice. At the end of last week, the operator Colonial Pipeline was attacked with ransomware. In such attacks, hackers smuggle ransomware into the IT systems of their victims, encrypt their data - and then demand a ransom for its release. For four days now, neither the company nor the experts and U.S. authorities involved have managed to get the system up and running again. The government of Joe Biden (78) has now classified the case as a top priority, several ministries have been called in via a task force, and a regional state of emergency has been declared.

The FBI said Monday that a group called Darkside was behind the attack. The hacking group, which first emerged in August 2020, surrounds itself with a Robin Hood image because it primarily attacks corporations and donates a portion of the ransom to charitable causes. It claims not to attack hospitals, schools, or nursing homes. It is among the professional ransomware gangs whose extortion attempts have cost businesses tens of billions of dollars in total over the past three years. It is unclear whether Russian hackers are behind Darkside - what is noticeable is that, like many other gangs, the hackers avoid targets in former Eastern Bloc countries.

In an unusual announcement Monday, the hackers, who had kept a low profile in the days before, expressed regret. "We are apolitical," the statement said. "Our goal is to make money, not to cause problems for society." In the future, it said, the group will exercise greater restraint and vet in advance which targets its partners hit with ransomware.

The attack primarily hits the U.S. East Coast economy. The pipeline, which is mostly underground and stretches some 8850 kilometers, mainly connects refineries located on the Gulf of Mexico with the south and east of the US. The products transported include gasoline, diesel fuel and heating oil - around 2.5 million barrels (159 liters each) per day. According to Colonial, the pipeline transports about 45 percent of all fuel consumed on the East Coast and serves more than 50 million Americans. Customers also include the U.S. military and the nation's largest commercial airport in Atlanta.

Nervous reaction of commodity exchanges

The markets reacted nervously in response. Gasoline prices at filling stations are rising, as are prices in commodity trading. Forward contracts on gasoline rose by 4 percent on Monday to a three-year high. That's because in the short term, supply shortfalls are unlikely to be made up even by the extra tankers and trucks that have already been chartered. "My biggest concern is that there will be a gas station run," said Andrew Lipow, a consultant specializing in oil. It would be a "Herculean task" to make up the shortfall on the U.S. East Coast, analysts at RBC Capital Markets wrote.

Colonial Pipeline, founded in 1962 and based in the U.S. state of Georgia, is considered the largest pipeline company in the United States. Its main owners include U.S. conglomerate Koch Industries, financial investors from KKR and oil company Shell. The unlisted group has been led by industry veteran Joseph Blount since 2017. The company aims to get the pipeline back on track by the end of the week, it said Monday.

Repeated attacks with extortion Trojans

Germany's top cyber warrior Arne Schönbohm, 51, president of the Federal Office for Information Security (BSI), warned of similar dangers in Germany. "Cyber attacks on critical infrastructure are a serious realistic scenario in Germany as well," he said.

Attacks with extortion Trojans have made headlines several times in recent years. In 2017 alone, the "WannaCry" extortion Trojan paralyzed computers in British hospitals and Deutsche Bahn timetable displays, among others, in addition to the computers of many private individuals. A few weeks later, the ransomware "NotPetya" hit shipping company Maersk and Nivea manufacturer Beiersdorf, among others.

Hacker attacks on infrastructure such as pipelines or power plants have been considered a horror scenario for years. So far, however, hardly any cases of successful cyber sabotage have been reported. The best-known incident was a large-scale power outage in Ukraine in December 2015, which is considered to be the work of Russian hackers. However, as recently as February, an attempt to chemically manipulate drinking water at a treatment plant in the U.S. state of Florida via hacker attack became known. In the process, the proportion of sodium hydroxide was increased more than a hundredfold. However, employees at the plant immediately noticed the "potentially dangerous" change and reversed it, authorities said at the time.

U.S. Homeland Security Secretary Alejandro Mayorkas (61) now called on other companies to also be vigilant and protect themselves against extortion software and other types of cyberattacks.
