The hackers that attacked a major US oil pipeline say it was only for money - here's what to know about DarkSide

Trucks line up at a Colonial Pipeline facility. Jay Reeves/AP
  • The FBI said DarkSide ransomware conducted the Colonial Pipeline cyber attack on Friday.

  • The ransomware gang said Monday its goal is to make money, not cause societal problems.

  • The company's main pipeline remains shut down, but some smaller arterial lines are operating.


The ransomware gang that shut down a major US oil pipeline Friday said the attack was just for money and not about politics.

The hacking group known as DarkSide released a statement Monday saying: "Our goal is to make money, and not creating problems for society," CNBC reported, citing Cybereason. The group did not specifically mention the Colonial Pipeline disruption.

The FBI said in a Monday statement that "Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks." The group, which was previously a prime suspect, hacked Colonial Pipeline, the largest US refined fuel pipeline operator.

The FBI said: "We continue to work with the company and our government partners on the investigation."

The company's main pipeline runs from Houston, Texas, to New York and carries more than 100 million gallons of gasoline, diesel, jet fuel, and home heating oil every day, transporting about 45% of the East Coast's fuel.

Colonial shut the line down Friday to contain the threat after realizing it was "the victim of a cybersecurity attack," it said in a statement. Oil futures rose following the incident, potentially triggering higher gas prices for Americans if not rectified soon.

Reuters reported that DarkSide, though new, is likely made up of veteran cybercriminals focused on extortion, or getting money from their targets. The group reportedly has a code of conduct explaining which groups, such as schools, hospitals, and hospices, it will not target "based on its principles," Bleeping Computer reported.

DarkSide did not say how much money it is seeking. Although the group claims to be apolitical with no specific country ties, some experts say DarkSide could have Russian ties, NBC News reported.


As of right now, there's no timeline for when operations will resume, Colonial said.

"While our mainlines (Lines 1, 2, 3 and 4) remain offline, some smaller lateral lines between terminals and delivery points are now operational. We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations," the company said Sunday night.

President Joe Biden has since issued a regional emergency order and approved legislation from the US Department of Transportation that would provide a temporary hours-of-service exemption for workers transporting fuel. That means truckers can drive longer hours if transporting certain materials in specific states without being subject to usual limits.

In April, Biden launched an initiative to ramp up cybersecurity for the US power grid, as experts have long warned critical parts of the nation's infrastructure may be vulnerable to attack.
