A criminal gang believed to be based in Eastern Europe is responsible for the hack that has led to the shutdown of the main pipeline supplying gasoline and diesel fuel to the U.S. East Coast, the Federal Bureau of Investigation said.
The organization, known as DarkSide, is a relatively new hacking group that Western security researchers say is likely based in Eastern Europe, possibly in Russia. The organization created the malicious computer code that resulted in the shutdown, officials said.
“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks,” an FBI spokesman said Monday. “We continue to work with the company and our government partners on the investigation.”
Earlier Monday, DarkSide posted a statement on the dark web claiming that its goal was solely to make money and denied it was connected to a foreign government. The DarkSide statement didn’t directly mention Colonial Pipeline Co., instead referring obliquely to “the latest news.” Colonial’s 5,500-mile line from the Gulf Coast to Linden, N.J., has now been offline for four days following a ransomware attack on its information technology systems.
“We are apolitical, we do not participate in geopolitics,” the group said in a statement posted to its website on Monday. It said it wasn’t tied to a “defined” government and added: “Our goal is to make money, and not creating problems for society.”