Connect with us

Hi, what are you looking for?


US President Biden vows to ‘disrupt and prosecute’ pipeline hackers, United States News & Top Stories

NEW YORK (NYTIMES) – President Joe Biden said on Monday (May 10) that the United States would “disrupt and prosecute” a criminal gang of hackers called DarkSide, which the FBI formally blamed for a huge ransomware attack that has disrupted the flow of nearly half of the gasoline and jet fuel supplies to the East Coast.

The FBI, clearly concerned that the ransomware effort could spread, issued an emergency alert to electric utilities, gas suppliers and other pipeline operators to be on the lookout for code like the kind that locked up Colonial Pipelines, a private firm that controls the major pipeline carrying gasoline, diesel and jet fuel from the Texas Gulf Coast to New York Harbour.

The pipeline remained offline for a fourth day Monday as a pre-emptive measure to keep the malware that infected the company’s computer networks from spreading to the control systems that run the pipeline.

The attack prompted emergency meetings at the White House all through the weekend, as officials tried to understand whether the episode was purely a criminal act – intended to lock up Colonial’s computer networks unless it paid a large ransom – or was the work of Russia or another state that was using the criminal group covertly.

Biden is expected to announce an executive order in the coming days to strengthen America’s cyberdefences.

The order, drafts of which have been circulating to government officials and corporate executives for weeks and summaries of which were obtained by The New York Times, is a new road map for the nation’s cyberdefence.

It would create a series of digital safety standards for federal agencies and contractors that develop software for the federal government, such as multi-factor authentication, a version of what happens when consumers get a second code from a bank or credit-card company to allow them to log in. It would require federal agencies to take a “zero trust” approach to software vendors, granting them access to federal systems only when necessary, and require contractors to certify that they comply with steps to ensure that the software they deliver has not been infected with malware or does not contain exploitable vulnerabilities.

And it would require that vulnerabilities in software be reported to the US government. Violators would risk having their products banned from sale to the federal government, which would, in essence, kill their viability in the commercial market.

So far, intelligence officials said, all the indications are that the pipeline attack was simply an act of extortion by the DarkSide group, which first began to deploy such ransomware in August, and is believed to operate from Eastern Europe, possibly Russia.

In this case, the ransomware was not directed at the control systems of the pipeline, federal officials and private investigators said, but rather the back-office operations of Colonial Pipeline.

A preliminary investigation showed poor security practices at Colonial Pipeline, according to federal and private officials familiar with the inquiry. The lapses, they said, most likely made the act of breaking into and locking up the company’s systems fairly easy.

Colonial Pipeline has not answered questions about what kind of investment it had made in protecting its networks, and refused to say whether it was paying the ransom. And the company appeared reluctant to let federal officials bolster its defences.

“Right now, they’ve not asked for cybersupport from the federal government,” Anne Neuberger, the deputy national security adviser for cyber and emerging technology, told reporters at a briefing at the White House. She declined to say whether the federal government would advise paying the ransom, noting that “companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.”

While Neuberger did not say so, that appears to be essentially what happened to Colonial.

Source link

Leave your vote



You May Also Like


Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae.


Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.


Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora.


Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora.

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.