Is Colonial Pipeline operating again after being shut down by the Darkside ransomware attack that bypassed the government's cyber-experts?
Is the petroleum company operational after the Darkside cyber-attack?
Colonial Pipeline, which was forced to close due to a ransomware attack, said it would supply all the oil, diesel, and jet fuel it can safely transfer to restore markets interrupted by the cyber-attack. This is an attempt to normalize operations after the online attack, CNET reported.
In an update posted on the company's webpage, the firm said the product delivery supply chain could take several days to return to normal. It added that there would be interruptions and that service would not be good, ABC News 4 reported.
The ransomware intrusion at Colonial has highlighted the weakness of the country's critical infrastructure, which has been the target of an increasing number of cyberespionage operations. The company, which operates the East Coast's main gas artery, shut down last Friday to cope with the ransomware uncovered on its computer networks.
Darkside, according to the FBI, is responsible for the cyber-attack. According to the Washington Post, Colonial is not planning on paying the ransom and is collaborating with a cybersecurity firm to restore its data.
The detailed plan supports creating a Cyber Safety Review Board, which will consult after significant incidents. The board will consist of representatives of the defense and justice departments, members from several intelligence agencies, and private sector experts. Decisions on operating after the Darkside cyber-attack will include how to avoid another ransomware hack.
Parts of the East Coast have been affected by the shutdown, with some residents having waited an hour or more at gas stations. Though federal and state officials have advised against queuing at the pump, impulse buying has escalated.
How the Cyber-attack began
Colonial Pipeline was hit by a ransomware attack. The hackers began their assault on Thursday by extracting about 100 gigabytes of data as part of a double extortion scheme, an outlet was told. To stop the malicious code from spreading, the company shut down some of its activities.
The hackers encrypted the company's digital information with ransomware, a type of malware that holds data hostage until a fee is paid. In a double extortion scheme, the attackers also steal the data and threaten to publish it.
The Washington Post reported last Wednesday that the firm was not paying the hackers a ransom. Instead, the article said, citing people familiar with the process, the firm was collaborating with a cybersecurity company to restore data from backup systems. Colonial Pipeline has not yet commented.
How did the firm arrest the cyber assault?
The petroleum supply firm said it moved immediately to cut its networks off from the internet to stop the ransomware from getting more information. That meant shutting down all the affected working pipelines simultaneously, and the company said the hacking compromised its IT systems.
Sources close to the company said all systems and operations might be working by the week's end. Colonial serves 14 states and operates in seven airports. Its system is the largest in the United States, spanning more than 5,500 miles and distributing more than 100 million gallons of fuel per day.
Colonial said on Wednesday that it would be operating after the Darkside cyber-attack, but it may take some time.