Homeland Security Network Blog

The information source for first responders.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Posted by on in Terrorism
  • Font size: Larger Smaller
  • Hits: 451
  • Print

Ransomware Attack Leads To Shutdown Of Major U.S. Pipeline System

b2ap3_thumbnail_pipeline.jpg

The Washington Post

Ransomware Attack Leads To Shutdown Of Major U.S. Pipeline System

The attack on top U.S. operator Colonial Pipeline appears to have been carried out by an Eastern European-based criminal gang

By Ellen Nakashima, Yeganeh Torbati and Will Englund
 
A ransomware attack led one of the nation’s biggest fuel pipeline operators to shut down its entire network on Friday, according to the company and two U.S. officials familiar with the matter.

While it is not expected to have an immediate impact on fuel supply or prices, the attack on Colonial Pipeline, which carries almost half of the gasoline, diesel and other fuels used on the East Coast, underscores the potential vulnerability of industrial sectors to the expanding threat of ransomware strikes.

It appears to have been carried out by an Eastern European-based criminal gang — DarkSide, according to a U.S. official and another person familiar with the matter.

Federal officials and the private security firm Mandiant, a division of FireEye, are still investigating the matter, they said.

The Cybersecurity 202: A group of industry, government and cyber experts have a big plan to disrupt the ransomware crisis

“We are engaged with the company and our interagency partners regarding the situation,” said Eric Goldstein, executive assistant director of the cybersecurity division at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA. “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

President Biden was briefed on the incident on Saturday morning, a White House statement said. It said the federal government is working to assess the incident’s implications, avoid disruption to supply and help Colonial Pipeline restore operations “as quickly as possible.”

Full story https://www.washingtonpost.com/business/2021/05/08/cyber-attack-colonial-pipeline/