Article

2021-05-12 -Lurid Crime Tales-

US fuel pipeline hackers 'didn't mean to create problems'

[BBC] A cyber-criminal gang that took a major US fuel pipeline offline over the weekend has acknowledged the incident in a public statement.

"Our goal is to make money and not creating problems for society," DarkSide wrote on its website.
"Please don't kill us!"
The US issued emergency legislation on Sunday after Colonial Pipeline was hit by a ransomware cyber-attack.

The pipeline carries 2.5 million barrels a day - 45% of the East Coast's supply of diesel, petrol and jet fuel.

The operator took itself offline on Friday after the cyber-attack. Work to restore service is continuing.

How did cyber-attackers shut off a US pipeline?

The ransomware surge ruining lives

Travelex being held to ransom by hackers

On Monday, the FBI officially confirmed that DarkSide was responsible for compromising Colonial Pipeline's networks, saying that it was continuing to work with the firm and other government agencies on the investigation.

Posted by Besoeker 2021-05-12 06:46|| || Front Page|| [11138 views ] Top

#1 oh ok, all good then.

Posted by Chris 2021-05-12 07:15|| 2021-05-12 07:15|| Front Page Top

Are the evil 'Russian hackers' being replaced by mischievous teenage gamers in a Laurel, Maryland basement ?

Posted by Besoeker 2021-05-12 07:35|| 2021-05-12 07:35|| Front Page Top

#3 "Our goal is to make money..."

Were you long on call options or something like that? What horseshit.

Posted by Raj 2021-05-12 07:57|| 2021-05-12 07:57|| Front Page Top

#4 The time it's taking to restore the pipeline to functionality points to abysmal disaster recovery planning on the operator's part.

Posted by M. Murcek 2021-05-12 08:29|| 2021-05-12 08:29|| Front Page Top

#5 Newt Gingrich has declared this action an act of war that demands the assassination of perpetrators. I agree.

Posted by Gerthudion Whomoper3485 2021-05-12 08:50|| 2021-05-12 08:50|| Front Page Top

#6 Ref #4: The time it's taking to restore the pipeline to functionality points to abysmal disaster recovery planning on the operator's part.

The very obvious solution is the highly successful Dominion computer and software product line.

Posted by Besoeker 2021-05-12 08:55|| 2021-05-12 08:55|| Front Page Top

#7 Hey at least Gaga has her dogs

Posted by Elmerese Shaitle9052 2021-05-12 09:01|| 2021-05-12 09:01|| Front Page Top

#8 NC drivers fight at gas pump as fuel shortage persists, video shows

Posted by Skidmark 2021-05-12 09:03|| 2021-05-12 09:03|| Front Page Top

#9 'didn't mean to create problems'

The time it's taking to restore the pipeline to functionality points to abysmal disaster recovery planning on the operator's part.

Russians continuously overestimate Americans?

Posted by g(r)omgoru 2021-05-12 09:08|| 2021-05-12 09:08|| Front Page Top

#10 Still undisclosed / undiscussed was the critical necessity / boneheaded stupidity that put the controls of this pipeline on the internet in the first place. Obviously this pipeline worked JUST FINE before the internet was invented.
--- Apply any insights or lessons learned from this snafu to the management of the electric grid over the USA. Maybe the US Congress could convene hearings to improve this situation instead of doing President Buy Dung?'s bidding.
--- "Idiocracy" was a prophecy and not just a movie.

Posted by Bubba Lover of the Faeries8843 2021-05-12 09:09|| 2021-05-12 09:09|| Front Page Top

#11 the critical necessity / boneheaded stupidity that put the controls of this pipeline on the internet in the first place.

Hey por que no? We Americans tabulate our election results with computers connected to the internet. What could go wrong?
/s

Posted by Spereper Dribble9890 2021-05-12 09:15|| 2021-05-12 09:15|| Front Page Top

#12 Wonder what Biden gave Putin to make this happen?

Posted by Angstrom 2021-05-12 09:35|| 2021-05-12 09:35|| Front Page Top

#13 /\ Wonder what Biden gave Putin to make this happen?

Publicly calling Putin a 'murderer' might have done the trick.

Posted by Besoeker 2021-05-12 10:23|| 2021-05-12 10:23|| Front Page Top

#14 ^Yea, like Vlad cares.

Posted by g(r)omgoru 2021-05-12 10:24|| 2021-05-12 10:24|| Front Page Top

#15 Did we just witness the Bidet Presidium being introduced to hardball by Putie by calling their bluff and demonstrating what could be done "pur encourager les autres"?

Posted by NoMoreBS 2021-05-12 12:03|| 2021-05-12 12:03|| Front Page Top

#16 It was decent of the Famous But Incompetent to take time out of their harrowing schedule of storming Roger Ailes' home, restoring dignity to the scarred for life Bubba Wallace, and of course recovering Lady Ha-Ha's French bulldog to chime in. But given the source I think I may sit out the latest Russian lynch mob.

After all, who hates America and specifically the American south THAT much?

Posted by Cesare 2021-05-12 12:44|| 2021-05-12 12:44|| Front Page Top

#17 Somewhere is a gaming committee trying to figure out how to make this last through Memorial Day.

Posted by swksvolFF 2021-05-12 13:23|| 2021-05-12 13:23|| Front Page Top

#18 The time it's taking to restore the pipeline to functionality points to abysmal disaster recovery planning on the operator's part.

You back up all your data to tape every night, store the tapes in a secure vault. When a breach occurs, determine the time of the breach and use your tapes to restore everything with data from before that time. Whatever data you collected after that time must be considered lost. Do it as quickly as possible and tell the hackers to FOAD. Take the losses and the fire the people in the IT department who were responsible for cyber security.

What? You weren't backing up your data? You're screwed.

But then, Bubba Lover of the Faeries8843 is also correct. There couldn't possibly have been any need for these computers to be on the internet. Here's hoping that companies will begin to understand this now and take appropriate steps.

As I recall from my IT days before the internet, companies had private networks. They used protocols like X25 and SNA. Yes, they had to use phone lines but if you kept your phone numbers private the Chinese/Russians/Ukrainians/Romanians/Iranians/Maylasians and assorted other bad guys could not find you and, besides that, you only take calls from trusted numbers. Even then, if there are more than three unsuccessful login attempts from a number, disable it.

The internet is for advertising, public relations and online sales. Keep your mission critical data bases well away from it.

Posted by Abu Uluque 2021-05-12 13:26|| 2021-05-12 13:26|| Front Page Top

#19 Apparently the pipeline controls _weren't_ on the internet but the pipeline was shut down anyway while the company did damage control and (presumably) checked for the sort of software that can be used to sabotage airgapped computers.

(And frankly, I'm not really ready to believe anything from the people who spent the last 30 years or so trying to tear the US oilfield down about our supposed lax procedures now that they're most of the way through the process).

Posted by Thing From Snowy Mountain 2021-05-12 13:54|| 2021-05-12 13:54|| Front Page Top

#20 Its a private matter, nothing to see here. Please move along.

Posted by 49 Pan 2021-05-12 16:32|| 2021-05-12 16:32|| Front Page Top

#21 This has been a test of the National 'Red State' Pipeline shutdown alert system. Had this been a real alert, you would have been told to............

Posted by Besoeker 2021-05-12 17:16|| 2021-05-12 17:16|| Front Page Top

#22 ...not use the I-40 Bridge over the Mississippi River.

Posted by swksvolFF 2021-05-12 17:28|| 2021-05-12 17:28|| Front Page Top

#23 /\ Whahahhahaa

Posted by Besoeker 2021-05-12 19:04|| 2021-05-12 19:04|| Front Page Top

#24 So the Houston refineries have all this gas they can't move east but gas prices are still rising in Texas.

Posted by Omaiter Sinatra6457 2021-05-12 19:12|| 2021-05-12 19:12|| Front Page Top

#25 From the article:

On Sunday, Colonial said that although its four main pipelines remained offline, some smaller lines between terminals and delivery points were now operational.

Posted by trailing wife 2021-05-12 19:25|| 2021-05-12 19:25|| Front Page Top

#26 https://www.fireeye.com/mandiant.html
LINK
The company that found the server used to attack the pipeline to be owned by a New York hosting firm and took the server down. They are now restoring the pipeline systems from backups or recreating "what was not backed up."

Posted by Ebbomoger Speaking for Boskone4589 2021-05-12 21:07|| 2021-05-12 21:07|| Front Page Top

#27 That explains this from the BBC article, Ebbomoger Speaking for Boskone4589:

The FBI and other government agencies worked with private companies to respond - the cloud computing system the hackers used to collect the stolen data was taken offline on Saturday, Reuters reported.

Posted by trailing wife 2021-05-12 22:13|| 2021-05-12 22:13|| Front Page Top

07:43 Procopius2k
07:42 BrerRabbit
07:42 Procopius2k
07:39 Procopius2k
07:36 Procopius2k
07:35 Procopius2k
07:34 trailing wife
07:31 Procopius2k
07:30 NN2N1
07:22 NN2N1
07:18 trailing wife
07:14 Richard Aubrey
07:10 NN2N1
07:09 Besoeker
07:03 NN2N1
06:58 NN2N1
06:58 Besoeker
05:28 Whiskey Mike
05:23 Whiskey Mike
05:21 Whiskey Mike
05:18 Whiskey Mike
05:15 Whiskey Mike
05:13 Whiskey Mike
05:08 Whiskey Mike