Biden says ‘no evidence’ Russia involved in US pipeline hack but Putin should act

  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
Edward Helmore in New York, Joan E Greve in Washington and agencies
·5 min read
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
<span>Photograph: Jim Lo Scalzo/EPA</span>
Photograph: Jim Lo Scalzo/EPA

Joe Biden said on Monday that “so far” there has been no evidence that the cyber-attack late last week on a US pipeline had any involvement from the Russian state – but Biden did say Russia “has some responsibility” to deal with ransomware attacks emanating from its soil.

“It’s a criminal act, obviously. We have efforts under way with the FBI and DoJ to disrupt and prosecute ransomware criminals,” the US president said.

Questioned by the media about whether he believed Russia was involved in the hack, Biden said he would meet with Vladimir Putin in due course.

“So far there is no evidence based on, from our intelligence people, that Russia is involved, though there is evidence that the actors, ransomware, is in Russia. They have some responsibility to deal with this,” he said.

The development came as the FBI confirmed on Monday that the ransomware group responsible for the compromise of the pipeline network that supplies petrochemicals to the north-eastern US is DarkSide, an experienced collective of cybercriminals which has hacked scores of companies in the US and Europe.

A senior White House official said the FBI had been tracking DarkSide since at least last October.

Biden gave no details on a date or location for a meeting with the Russian president but the White House has previously indicated he would try to meet with Putin when he travels to Europe next month.

Speaking at a White House briefing earlier, Anne Neuberger, the deputy national security adviser for cyber, also declined to offer advice on whether the operator Colonial Pipeline should pay the hackers.

“Typically that is a private-sector decision and the administration has not offered further advice at this time,” Neuberger said. “Given the rise in ransomware, that is one area we are definitely looking at now to say what should be the government’s approach.”

Neuberger said US intelligence was working to determine whether the hackers have ties to the Russian government or other nation states.

The confirmation of the identity of the hackers behind the attack followed a message on social media, apparently from the group, in which it said its goal was to make money rather than to advance geopolitical aims.

As relayed by DarkTracer, an investigative platform, the message said in imperfect English: “We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.

“Our goal is to make money, and do not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

In a short statement the FBI said it “confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation.”

Cybersecurity experts who have tracked DarkSide said it appeared to be composed of veteran cybercriminals.

“They’re very new but they’re very organised,” Lior Div, the chief executive of a Boston-based security firm, Cybereason, told Reuters.

In response to the attack the Biden administration loosened regulations on the transport of petroleum products, as part of an effort to avoid disruptions in fuel supply. The commerce secretary, Gina Raimondo, said countering ransomware attacks was a top priority.

“Unfortunately, these sorts of attacks are becoming more frequent,” she told CBS. “We have to work in partnership with business to secure networks to defend ourselves.”

Energy experts said gasoline prices were unlikely to be affected if the pipeline was back to normal in the next few days. But continued disruption to the network which delivers about 45% of fuel consumed on the US east coast could cause increases.

A 5,500-mile network of pipelines operated by Colonial Pipeline, a Georgia-based company, carries more than 100m gallons of gasoline, diesel, jet fuel and home heating oil from the Gulf coast to New Jersey.

Colonial Pipeline said on Monday some lateral lines between terminals and delivery points were operating but its main lines were still shut down. It expected to “substantially” restore operational service by the end of the week.

“We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” the company said in a statement.

DarkSide is among ransomware gangs which have recently “professionalised”, Div told CNBC, adding that more than 10 of his customers had fought off break-in attempts in recent months.

Ransom hacks typically offer victims an encrypted key to make cryptocurrency payments. If the victim resists, hackers often threaten to leak confidential data.

DarkSide has hinted that it has made millions. Its site features stolen data from more than 80 companies in the US and Europe. Like many in the field, DarkSide appears to spare Russian, Kazakh and Ukrainian companies.

Typically, Div told Reuters, “they know who is the manager, they know who they’re speaking with, they know where the money is, they know who is the decision maker”.

Speaking to the Associated Press, Ed Amoroso, the chief executive of Tag Cyber, said state-backed hackers use the same intrusion methods as ransomware gangs.

Last week, Tulsa, Oklahoma, became the 32nd US state or local government to come under ransomware attack, said Brett Callow, a threat analyst with the cybersecurity company Emsisoft. Average ransom payouts last year tripled to more than $310,000.

David Kennedy at TrustedSec said once an attack is discovered, companies have little recourse but to rebuild infrastructure – or pay.

“Ransomware is absolutely out of control and one of the biggest threats we face as a nation,” he told the AP. “The problem we face is most companies are grossly underprepared to face these threats.”

Recommended Stories

  • Registration opens for hopefuls in Iran's presidential vote

    Iran opened registration Tuesday for potential candidates in the country's June presidential election, kicking off the race as uncertainty looms over Tehran's tattered nuclear deal with world powers and tensions remain high with the West. President Hassan Rouhani can not run again due to term limits, yet with the poll just a month away no immediate favorite has emerged among the many rumored candidates. Whoever wins the June 18 vote will take over from Rouhani, a relative moderate within the Islamic Republic whose two four-year terms began with Iran reaching the nuclear deal.

  • Romanian leader tells Biden more NATO troops needed in east

    Romania's president told U.S. counterpart Joe Biden on Monday that more NATO troops are needed on the alliance's eastern flank given Russia actions that are perceived as threatening by many in the region. The appeal by President Klaus Iohannis came during a conference of regional leaders which Biden joined by video. The Polish and Romanian leaders hailed Biden's appearance as a sign of U.S. support for their security.

  • French admiral: Air power helps root out 'underground' IS

    The Islamic State group is using stealth to regenerate its forces by developing its military capabilities underground, and France is deploying its warships and aircraft in the region to help troops on the ground root out the threat, a senior French naval officer said Monday. Rear Adm. Marc Aussedat, who leads a task force centered around France’s nuclear-powered aircraft carrier Charles de Gaulle, said that 18 advanced Rafale fighter aircraft are carrying out reconnaissance flights in Syrian and Iraqi airspace to gauge the actions of IS, and to bring their weapons to bear if necessary. ... First of all, is to give to these forces, coalition and Iraqi security forces, the means to fight the regeneration of Daesh on the ground.

  • ‘Unabashedly Racist’ NYPD Cop Boasted of Terrorizing Black People: Feds

    TIMOTHY A. CLARY/GettyThree New York City Police officers, including an “unabashedly racist” cop who retired last year, were arrested on Tuesday over a smorgasbord of allegedly corrupt schemes, from stealing car crash victims’ info to funneling damaged cars to a tow trucking business.Officers Heather Busch, 34, and Robert Hassett, 36, were indicted on five counts of using interstate facilities to commit bribery and two counts of conspiracy to violate the Travel Act after allegedly participating in the bribery scheme, the U.S. Attorney’s Office for the Eastern District of New York said.Robert Smith, a 44-year-old who allegedly started the scheme in 2016, was hit with the same charges, plus additional charges of attempting to transport at least one kilogram of heroin, and possessing a firearm during the commission of that crime.Prosecutors allege that, during his tenure as a cop, Smith participated in several criminal schemes, including “robberies and shakedowns...of individuals and businesses for bribe payments.”Wife: I ‘Snapped’ and Killed Estranged Hubby’s New Girlfriend After She Hit Me“Bro, I robbed everyone,” Smith allegedly said in one text message to another person, according to a detention memo obtained by The Daily Beast. In another text after his retirement in March 2020, Smith allegedly told an associate he “would brandish his firearm in front of Black individuals to terrorize them,” prosecutors said.“Bro I point my gun out the window now at [N-word] and watch their reaction and drive way. Hilarious,” he allegedly wrote.According to the Civilian Complaint Review Board records, 31 complaints dating back to 2002 were filed against Smith while he was an officer. Only a 2011 complaint about offensive language about gender was ever substantiated against him.“Behavior like the type alleged today is a disgrace. It erodes public trust in law enforcement and tarnishes the reputations of the many thousands of officers who honorably serve our communities on a daily basis,” FBI Assistant Director-in-Charge William Sweeney said in a Tuesday statement. “Nobody is above the law, and we will not tolerate illegal behavior, especially among the ranks of sworn law enforcement officers.”Prosecutors allege that from September 2016, Smith and Hassett would respond to car crashes and make sure the wreckage went to a specific automobile repair business in exchange for kickbacks.The scheme violated the NYPD’s Directed Accident Response Program, which requires officers to choose from a variety of licensed tow trucking companies in the area of a crash to encourage equal financial opportunity. In exchange, the cops got “thousands of dollars in cash bribes” from an unnamed individual.It’s unclear how much Smith and Hassett made in total but the indictment says Smith made $4,000 just by steering four cars to the specific tow company between Nov. 2019 and Jan. 2020. Before Smith retired in 2020, he handed the reins to Hassett, prosecutors said, adding that they discussed recruiting Busch, who agreed to join in March.Busch steered at least six damaged cars to the towing business and received $5,000 in bribes, the indictment states.Just before retiring, however, Smith and Hassett began to steal names and information on crash victims from NYPD databases for the unnamed person. Prosecutors allege they knew the person was selling the information to a physical therapy business and personal injury lawyers to obtain customers.Over three months, the pair stole the information of more than 100 crash victims of recent automobile accidents” in exchange for $7,000, the indictment states.Prosecutors detailed other alleged schemes Smith participated in after leaving the force. In January 2020, Smith expressed interest to the same unnamed individual in transporting “illegal narcotics in exchange for payment,” the indictment says. Smith even said he “could carry a firearm and his retired NYPD identification while he was transporting the drugs,” prosecutors state.“In July 2020, Smith met with an individual in Brooklyn and accepted a bag containing what Smith understood to be a kilogram of heroin. Smith then transported the bag to a location in Queens where he delivered it to another individual,” prosecutors said. “Smith received a payment of approximately $1,200 in cash for his participation in the scheme.”All three, who were officers for the 105th Precinct in Queens, are expected in Brooklyn federal court Tuesday afternoon. Prosecutors are asking for a significant bond for Busch and Hassett.In the detection memo arguing for Smith to be “permanently detained pending trial,” prosecutors argued he is a clear danger to the community and was a “corrupt NYPD officer” who once wrote to a colleague: “I want to see mass nypd suicide and deaths. Those fake bitches.”The memo says that Smith had threatened to harm people if “he came to believe they were assisting federal law enforcement authorities,” including one instance where he said he would “get” the unnamed person involved in the schemes if he learned he was “wearing a wire.”Prosecutors noted that Smith referred to himself in a text message as “one of the most corrupt cops in the 105,” referring to the 105th Precinct. In another message to a fellow NYPD officer, Smith described himself as a “perp that got away,” the memo states.Black Bike Riders: ‘Central Park Karen’ Falsely Accused Us of ‘Beating’ HerSmith also displayed “unabashedly racist and hate-filled language in his communications” obtained by federal authorities, the detention memo states. The messages had “numerous references to the Ku Klux Klan, including one—just after his retirement—in which he wrote, ‘Now the real [S]mith will shine. I even shaved my head. Klan.’”Busch’s attorney did not immediately respond to The Daily Beast’s request for comment. Lawyers for Smith and Hassett declined to provide a statement.An NYPD spokesperson confirmed to The Daily Beast on Tuesday that Hassett and Busch have been “suspended without pay.” The spokesperson referred to a statement by Commissioner Dermot F. Shea that said the department has “zero tolerance” for “corruption of any kind.”Read more at The Daily Beast.Got a tip? Send it to The Daily Beast hereGet our top stories in your inbox every day. Sign up now!Daily Beast Membership: Beast Inside goes deeper on the stories that matter to you. Learn more.

  • Rocket captured soaring over the New Jersey coast

    Mike Carroll caught this extraordinary moment on camera early in the morning of May 9 as NASA's Falcon 9 rocket flew overhead of Barnegat Light, New Jersey.

  • Russian cybercriminals just pulled off a devastating attack inside the US

    Unless operations are restored by Tuesday at the major US fuel pipeline that a Russian gang of cybercriminals hit with a ransomware attack on Friday, problems are going to start mounting, rapidly. First impacting the Atlanta area as well as Tennessee, and then snowballing all the way up to New York State, according to a worst-case scenario prediction that oil market analyst Gaurav Sharma has shared with the BBC. In other words, the fallout from the attack on Colonial Pipeline, which runs the largest US fuel pipeline system, could get ugly really fast. By late Sunday evening, word was only just beginning to circulate about the culprits believed to be responsible for this attack against what one official described as no less than the “jugular” of the US pipeline system. “It’s the most significant, successful attack on energy infrastructure we know of in the United States.," energy researcher Amy Myers Jaffe told Politico. And rather than well-resourced hackers working with the imprimatur and backing of a nation-state (like China or Iran), experts have zeroed in on an outfit called DarkSide, described as a relatively new but experienced band of Russian hackers who have a quasi-professional operation and basically exploded onto the hacking scene. It was only a little over a week ago now when we last noted that Russian hackers are getting increasingly brazen in their attacks on targets in the US -- like the one against the Washington DC Metropolitan Police Department, which was targeted by a ransomware group calling itself Babuk. Unless the cops paid up, the hackers threatened to publicize sensitive information stolen from the department's computer network. The Colonial Pipeline attack, of course, is exponentially worse. For one thing, its network carries 45% of the fuel consumed by the US East Coast. Major installations like the Hartsfield-Jackson Atlanta International Airport, which until this year was ranked as the world's busiest airport, receive fuel from Colonial Pipeline, as do military bases across the pipeline's footprint. https://twitter.com/jasonbordoff/status/1391107214513934340 Other key facts about Colonial Pipeline, and this security incident: Colonial's 5,500-mile system stretches from Houston, Texas, all the way up to New Jersey, and it transports more than 2.5 million barrels of fuel each day. Don't start looking for an impact on prices at the pump until the pipeline outage has lasted longer than three days, one expert told Reuters. (An important caveat: If Americans start rushing out to buy gas, thinking prices are going to spike soon and they want to beat that upswing, that could help cause the very problem they want to avoid). The Southeast US seems to be most vulnerable, as things stand now. Major population centers on the East Coast can source fuel from elsewhere, including Europe if needed (though that brings its own problems). For a bit of additional historical context, when a leak in the Colonial Pipeline system in Georgia required the line to be shut down for more than a week in 2016, that led gas prices to climb by more than 30 cents a gallon. President Biden on Sunday declared a state of emergency over this ransomware incident, which includes the hackers stealing almost 100GB of data from the pipeline operator's network prior to locking the system and demanding payment. On Sunday, Colonial Pipeline released a statement that read, in part: "While our mainlines (Lines 1,2,3, and 4) remain offline, some smaller lateral lines between terminals and delivery points are now operational. We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations." Cybersecurity-focused journalist Kim Zetter has a fantastic Substack newsletter, Zero Day, that took a closer look at this incident in a new edition over the weekend. Among some of the highlights that jumped out at me in her reporting, she was told by a source who works for "a large midstream oil company that feeds fuel into Colonial's pipeline" that his own company is having to scramble to figure out what to do with fuel in the meantime that they have sitting in tanks which needs to be delivered to Colonial. "We gotta find storage for refiners (and we) might run out (of storage) if it takes too long," the source told Zetter. "Then refineries (will have to) cut back. Problem escalates." And even though Colonial has said only its corporate IT network was infected by the Russian gang's ransomware -- and that Colonial shut down its operational network out of caution -- the unnamed source mentioned above also told Zero Day that he suspects, but doesn't know for sure, that something Colonial needs in order to restart the pipeline might be locked in the ransomware attack. His guess is Colonial's system for billing customers. https://twitter.com/DAlperovitch/status/1391595348418834432

  • Poll: More Americans say U.S. is on right track than any time since 2017

    54% of Americans in the latest AP-NORC poll say the U.S. is heading in the right direction, marking the highest level of public optimism the poll has recorded since 2017.The big picture: 71% of Americans approve of President Biden's handling of the coronavirus pandemic, bringing his overall approval rating to 63% after four months in office, according to the poll.Stay on top of the latest market trends and economic insights with Axios Markets. Subscribe for freeBy the numbers: Despite his widespread popularity, approval of Biden's performance is still starkly divided along partisan lines.57% of Americans approve of Biden’s handling of the economy, which breaks down to 91% of Democrats and just 19% of Republicans.Of all the issues polled, Biden's immigration policies received the lowest overall marks at 43% approval. That includes 70% of Democrats and just 11% of Republicans.There also remains a partisan gap with respect to views on pandemic risk. 69% of Democrats are still somewhat worried about getting infected with COVID-19, compared to 33% of Republicans.Where it stands: The overall positive picture comes as coronavirus cases plummet across the country and the U.S. economy continues to reopen thanks to a successful vaccine rollout.The Biden administration could face some headwinds in the coming months as the rate of vaccinations slows down and employers struggle to add more jobs.And after passing his signature $1.9 trillion COVID relief package in March, Biden may have more difficulty getting Congress to approve his multi-trillion dollar infrastructure plan.Methodology: The nationwide poll was conducted April 29-May 3, 2021 using the AmeriSpeak® Panel, the probability-based panel of NORC at the University of Chicago. Online and telephone interviews using landlines and cell phones were conducted with 1,842 adults. The margin of sampling error is +/- 3.2 percentage points.More from Axios: Sign up to get the latest market trends with Axios Markets. Subscribe for free

  • The hackers that attacked a major US oil pipeline say it was only for money - here's what to know about DarkSide

    A major US fuel pipeline has been offline since Friday. The ransomware group that did it says it was just for the money and not political.

  • Cubans desperately need a strong Radio Television Martí. Biden should restore its budget | Opinion

    As Cuba’s economy continues to crumble and its political infrastructure weakens, it is even more necessary for the U.S. government to have a conduit to the Cuban people.

  • Washington Post names AP's Sally Buzbee as executive editor, replacing Marty Baron

    The Washington Post has named Associated Press executive editor Sally Buzbee as its new executive editor, effective June 1.Why it matters: Buzbee replaces legendary editor Marty Baron, who retired at the end of February. She will be the first woman to lead the newsroom in The Post's 144-year history.Get market news worthy of your time with Axios Markets. Subscribe for free.What they're saying: "Sally Buzbee has an exceptional record of achievement and a tremendous wealth of experience in leading a global news organization," Washington Post Publisher Fred Ryan wrote in a memo to staff.“In an extensive search that included many of the best journalists in America, Sally stood out as the right person to lead The Post going forward. She is widely admired for her absolute integrity, boundless energy, and dedication to the essential role journalism plays in safeguarding our democracy.”Between the lines: While Baron's retirement wasn't a surprise, his departure seemed rather abrupt to media insiders, especially given that The Post hadn't yet hired an editor to replace him. The Post named managing editor Cameron Barr as interim editor in late February, just before Baron stepped aside. Be smart: Baron's successor has been the subject of intense speculation for months. Sources told Axios that the decision was made by a very tight-knit group of top executives, including The Post's publisher Fred Ryan and its owner Jeff Bezos. Other names that were floated for the role, as Axios previously reported, include former Post managing editor and ESPN executive Kevin Merida, who was recently named executive editor at the Los Angeles Times, and National Geographic editor in chief Susan Goldberg.The big picture: Buzbee will be tasked with continuing to grow The Post's reputation for strong, investigative journalism, while also being open to experimentation with new technologies and ideas. She will also need to navigate the Post's newsroom through difficult questions around the role of activism in journalism, especially at a time when news companies are expected do more to address diversity and inclusion.The Post has been able to successfully transition its brand into the digital era under Bezos' ownership and Baron's editorial leadership. Under Baron, The Post launched a major video unit and hired a full-time TikTok reporter. It expanded its tech and business coverage and made new investments in data journalism. What to watch: The AP announced it will immediately begin its search for a new executive editor, which it expects to take a few months."As AP’s top editor, Buzbee has directed AP’s global news report throughout the Trump administration, the #MeToo movement, Brexit, the COVID-19 pandemic, protests over racial injustice and the 2020 U.S. election," AP said in a press release. "This is bittersweet news for the AP. Sally has been an exceptional leader, guiding AP’s journalists and news report through some of the most pivotal news events of our time," said AP president and CEO Gary Pruitt.Go deeper: Pulitzer Prize-winning Washington Post editor Marty Baron retiresLike this article? Get more from Axios and subscribe to Axios Markets for free.

  • Colonial pipeline shutdown to keep volatility across the commodity space: Prosper Trading Academy CEO

    Scott Bauer, Prosper Trading Academy CEO,&nbsp;joins Yahoo Finance Live to discuss impacts from one of America's largest pipelines shutting down after being hit by a cyber attack.

  • Covid virus is airborne and can spread beyond six feet, says top US medical body

    CDC reiterated guidelines to prevent the transmission of infection including physical distancing, wearing a well-fitting mask and avoiding crowded indoor spaces

  • ‘Stop the vaccines!’ Marjorie Taylor Greene launches anti-vaxx rant on Steve Bannon show

    ‘We need to stop the masks, stop the vaccines and stop Covid-19 from controlling our lives,’ Ms Greene says

  • Boy, 14, charged with murdering cheerleader classmate posts arrest selfie on Snapchat

    It remains unclear whether the teenager will be charged as a juvenile or as an adult

  • Dr Fauci once again schools Rand Paul after GOP senator peddles Covid misinformation

    ‘You are saying things that are not correct’, says infuriated NIAID director

  • Don Jr’s ex-wife dated Secret Service agent the president assigned to them, book claims

    Secret Service agents are prohibited from dating the people they are protecting

  • Caitlyn Jenner mocked for rambling interview insisting ‘a guy called Lee’ and other ‘budget people’ helped her understand California’s $3 trillion economy

    Jenner describes how her experience of selling ‘a billion dollars worth of exercise equipment’ has helped her develop leadership skills

  • Mass Grave Dug on Banks of Ganges for 100 Possible COVID Victims Found Floating Down River

    Danish Siddiqui via ReutersIn a macabre twist to a situation that is already too dire to comprehend, authorities in the Indian states of Bihar and Uttar Pradesh have had to call in excavators to dig a mass grave after nearly 100 bloated and decomposing bodies were found floating in the Ganges River. Scammers Sell Fire Extinguishers as Oxygen Cylinders to Dying COVID Patients in IndiaAround 40 bodies were found in one riverbank area, and groups of 10 or more were found downstream near cremation ghats that had run out of firewood. Some were partially burned, an official told local media. “We retrieved 71 bodies,” Buxar Superintendent of Police Neeraj Kumar Singh told The Hindu. “Some of them have been disposed of while the process for others are underway. Samples of some bodies too have been preserved for further tests.”It is not yet known if those found floating in the river were victims of COVID-19—nor is it known exactly who they were. None had identification on them, and given the extreme situation that has taxed all public offices across the country, it does not seem likely anyone will be able to identify them with certainty any time soon. If they were dumped from cremation platforms, authorities suggest families may assume they had been properly cremated. Videos of the floating bodies have gone viral across the country, with many blaming Prime Minister Narendra Modi’s apparent negligence for his handling of the pandemic. Over the weekend, the prestigious medical journal Lancet published a scathing editorial placing the blame squarely on his shoulders, saying the deadly mayhem could have been prevented. Meanwhile, the Times of India has reported that funeral homes are “profiteering” by selling expensive funerals and cremations to desperate family members who want their loved ones properly laid to rest. With firewood shortages, many families have had to opt for burials, which are now being sold in some states for up to three times the normal price. India has logged more than 22.6 million coronavirus cases and 246,116 COVID-related deaths since the start of the pandemic, most in the last month.Read more at The Daily Beast.Get our top stories in your inbox every day. Sign up now!Daily Beast Membership: Beast Inside goes deeper on the stories that matter to you. Learn more.

  • Explicit billboard attacking Biden and Harris causes controversy in Maryland

    Local Democratic committee chair says sign is ‘vulgar, and it doesn’t reflect Calvert County’

  • Families of Black Americans killed by police push for UN to intervene

    The families have been pushing the international community to take action since last summer’s protests