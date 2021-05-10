He denounces that a Russian criminal group is behind the cyberattack against the oil pipeline in the US.

Miami World / Telemundo 51

The cyber extortion attempt that forced the shutdown of a major US oil pipeline could have been perpetrated by a Russian criminal group known as DarkSide, sources told NBC News.

The group, which is sold as a kind of Robin Hood who robs big companies to donate a percentage to charity, is relatively new but has a sophisticated approach to the extortion business.

Georgia-based Colonial Pipeline, which operates a major pipeline, announced that it was forced to temporarily halt all pipeline operations following a hacker attack.

The attack occurred on Friday and lasted until this Sunday. It also affected some of their computer systems.

The pipeline, operated by Colonial Pipeline, transports gasoline and other fuels from Texas to the northeast of the country. It delivers almost 45% of the gasoline consumed on the east coast, according to the company.

The Alpharetta, Georgia-based company said on its page that it operates the largest refined products pipeline in the United States, transporting more than 360 million liters (100 million gallons) of fuel a day, primarily in the South. and eastern United States.

The administration of President Joe Biden indicated that it is working with “all available resources” to restore operations and avoid interruptions in the supply of fuel.

Experts say that gasoline prices are unlikely to be affected if the pipeline returns to normal operation in the next few days, but that the incident – the worst cyberattack to date against vital American infrastructure – should serve as a wake-up call. to companies about the vulnerabilities they face.

The company said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and that it also contacted law enforcement and federal agencies.

“Colonial Pipeline is taking steps to understand and resolve this issue,” the company said in a statement late Friday.

The company was affected by what Colonial described as a “ransomware” attack, in which hackers often encrypt information to block access to computer systems and demand a large ransom to free the network. The company has not disclosed the demands or who made them.

DarkSide is one of the “ransomware” groups that have “professionalized” a criminal sector that has caused tens of billions of dollars in losses to some Western countries in the last three years.

DarkSide ensures that it does not attack medical, educational or government targets, but only large companies, and that it donates a portion of the proceeds to charitable organizations. It has been active since August and, like the most powerful “ransomware” groups, is known for not attacking organizations in countries that used to belong to the Soviet bloc.

Colonial did not detail whether it had made a payment or negotiated a ransom, and DarkSide also did not announce the attack on its website or respond to requests from reporters from The Associated Press. The lack of details regarding the ransom is usually indicative that the victim is negotiating or has already made a payment.

Commerce Secretary Gina Raimondo said Sunday that “ransomware” attacks are “what companies need to worry about now,” and that she will work “vigorously” with the Department of Homeland Security to address the problem, by which he described as one of the government’s top priorities.

“Unfortunately, these kinds of attacks are becoming more frequent,” he said on CBS’s “Face the Nation.” “We must work in partnership with businesses to make networks more secure in order to defend against these attacks.”