US Pipeline Attacked with Ransomware

8910336854?profile=RESIZE_400xUS Atlanta based Colonial Pipeline Company said in a statement last Friday that it was the victim of a cybersecurity attack, and so "proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems."  An updated statement over the weekend it said it had "determined that this incident involves ransomware."

A former U.S. official and two industry sources have told media that the group DarkSide is among the suspects of this ransomware.  Cybersecurity experts who have tracked DarkSide said it appears to be composed of veteran cybercriminals who are focused on squeezing out as much money as they can from their targets.  Red Sky Alliance sources in Atlanta are saying the company is being very tight lipped about the attack.  This cyber-attack was briefed up to the US President.  

Colonial Pipeline is the largest US refined products pipeline system and can carry more than 3 million barrels of gasoline, diesel and jet fuel between the US Gulf Coast and the New York Harbor area.  Colonial was founded in 1961 and construction of the pipeline began in 1962.:p.19–20 The pipeline is 5,500-miles (8,850-km) long.  

8910336897?profile=RESIZE_400x

Colonial Pipeline's owners include Koch Industries (a.k.a. Koch Capital Investments Company LLC, 28.09% stake ownership), South Korea's National Pension Service and Kohlberg Kravis Roberts (a.k.a. Keats Pipeline Investors LP, 23.44% stake ownership), Caisse de dépôt et placement du Québec (16.55% stake ownership via CDPQ Colonial Partners LP), Royal Dutch Shell (a.k.a. Shell Pipeline Company LP, 16.12% stake ownership), and Industry Funds Management (a.k.a. IFM (US) Colonial Pipeline 2 LLC, 15.80% stake ownership).

Red Sky Alliance is   a   Cyber   Threat   Analysis   and   Intelligence Service organization.  Analysts have been tracking the oil and gas industires for the past several years.  The Energy Sector is a major target for hackers.  For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.

Reporting:  https://www.redskyalliance.org/

Website:     https://www.wapacklabs.com/

LinkedIn:    https://www.linkedin.com/company/wapacklabs/

Twitter:      https://twitter.com/wapacklabs?lang=en

Weekly Cyber Intelligence Briefings: 

https://attendee.gotowebinar.com/register/8782169210544615949

Sources:
FAQ, Colonial Pipeline website Archived October 3, 2008, at the Wayback Machine

Cyberattack prompts Colonial Pipeline to halt operations - CBS News

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!