05/10/2021 10:18 AM
Clarín.com
World
Updated 05/10/2021 10:18
About 400 million liters per day of fuel flow through the veins of the gigantic Colonial Pipeline on the east coast of the
United States
.
But for three days the vital network system has been closed by a cyberattack.
Who is behind the "ransomware"?
The
DarkSide
group
.
Ransomware
or "data hijacking" in Spanish, is a type of harmful program that restricts access to certain parts or files of the attacked operating system and asks for a ransom in exchange for removing this restriction.
It is, in any case, a cybernetic extortion that in this case left the gigantic oil pipeline out of operation.
The lights are now focused on the criminal group known as DarkSide, which cultivates an image of
Robin Hood
stealing from big business and donating a percentage of the loot to charity, two people familiar with the investigation revealed Sunday.
Colonial Pipeline storage tanks in New Jersey.
Photo: Reuters
Meanwhile, the shutdown was extended to a third day, and the administration of President Joe Biden said that it is working with
"all available resources"
to restore operations and avoid interruptions in the supply of fuel.
Experts say gasoline prices are unlikely to be affected if the pipeline returns to normal operation in the coming days, but they believe the incident -
the worst cyberattack
to date against vital US infrastructure - should serve as a wake-up call. to companies about the vulnerabilities they face.
The pipeline, operated by Colonial Pipeline _ a Georgia-based company _, carries gasoline, diesel and jet fuel from Texas to the northeast of the country.
It delivers nearly
45% of the fuel
consumed on the east coast, according to the company.
A police officer guards the entrance to Colonial Pipeline Co. Photo: Bloomberg
It was affected by what Colonial described as a "ransomware" attack, in which hackers often
encrypt information
to block access to computer systems, paralyzing networks, and then demanding a large ransom to free the network. .
Colonial Pipeline said Sunday that it is in the process of restoring some of its information technology systems.
The company says it remains in contact with law enforcement and other federal agencies, including the Department of Energy, which is leading the federal government's response.
The company has not disclosed
what was required of it
or who did it.
DarkSide
However, two people familiar with the investigation, who spoke on condition of anonymity, said DarkSide was responsible.
It is one of the groups of "ransomware" that
have "professionalized"
a criminal sector that has caused tens of billions of dollars in losses to some Western countries in the last three years.
DarkSide ensures that it does not attack medical, educational or government targets, but only large companies, and that it donates a portion of the proceeds to charitable organizations.
It has been active since August and, just like the most powerful ransomware groups do, it is known for not attacking organizations in former
Soviet bloc countries.
A drone image of the Colonial Pipeline fuel tanks.
Photo: EFE
Colonial did not detail whether it had made a payment or negotiated a ransom, and DarkSide did not announce the attack on its deep web site or respond to requests from reporters from The Associated Press.
The lack of details regarding the ransom often indicates that
the victim is negotiating
or has already made a payment.
Colonial Pipeline said Sunday that it is developing a plan to "reboot the system." It said its main pipeline remains out of service, but that some of the smaller pipelines are already in operation.
"We are in the process of restoring service to other branches and will fully restore our online system only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations," the company said in a statement.
Commerce Secretary Gina Raimondo said Sunday that "ransomware" attacks are "what companies
need to worry about
now," and that she will work "vigorously" with the Department of Homeland Security to address the issue. problem, which he described as one of the government's top priorities.
"Unfortunately, these types of attacks are becoming
more frequent
," he said on CBS's "Face the Nation."
"We must work in partnership with businesses to make networks more secure in order to defend against these attacks."
By Mae Anderson and Frank Bajak, Associated Press
ap
Look also
Did Joe Biden go socialist?
Lights and shadows of a multimillion dollar plan to get out of the crisis
One Hundred Days of Joe Biden: The Ten Issues of a Presidency That Changed the Tone in America