The FBI said it has identified the hackers who shut down the East Coast’s main gas and diesel pipeline last week as a group from Eastern Europe. DarkSide, a relatively new group of hackers, created the malicious computer code that led to the shutdown of the Colonial Pipeline network, The Wall Street Journal reported on Monday (May 10).
The group published a statement on the Dark Web on Monday saying it was an apolitical group out solely to make money, and that the attack was not tied to a foreign government. DarkSide did not directly claim responsibility for the hack, which has crippled the 5,500-mile pipeline that runs from the Gulf Coast to New Jersey.
“U.S. officials and cybersecurity investigators involved in responding to the pipeline hack have viewed DarkSide as a leading suspect in the attack since its discovery last week, according to people familiar with the matter,” the Journal reported. “They have come to that preliminary determination in part due to commonalities in the malicious code used in the attack that links it to previous attacks carried out by the group, one of the people said.”
The story noted that energy traders were preparing for a spike in fuel prices on Monday, with analysts predicting that they could rise if the pipeline isn’t running in the next few days. Colonial said it hoped to have service “substantially” restored by the end of the week.
DarkSide claims to have broken into more than 80 company networks since last summer, and says its ranks are filled with expert ransomware creators. They said they deal in extortion, threatening to reveal data belonging to victims who don’t pay ransoms, while also selling information about publicly traded companies to businesses that don’t pay.
As PYMNTS noted earlier this week, ransomware is a growing threat, with hackers growing more and more sophisticated and capable every time someone pays them.