Until now, intelligence officials said, all indications were that it was merely an act of extortion by the group, which first began deploying such ransomware last August, and is believed to be from Eastern Europe, possibly Russia Will operate. There was also some evidence in the group’s own statements on Monday, which suggested that the group intended to withdraw money from the company, and was surprised that it ended up supplying the main gasoline and jet fuel for the Eastern Seaboard. .
The attack exposed the significant vulnerability of a critical drain to energy in the United States as hackers become more vivid in taking over critical infrastructure such as critical grids, pipelines, hospitals, and water treatment facilities. The city governments of Atlanta and New Orleans, and in recent weeks, the Washington, DC, Police Department, have also been affected.
The explosion of ransomware cases stemmed from the rise of cybersecurity – which has led many companies and governments to be ripe targets for criminal gangs who believe their targets will pay – and cryptocurrencies, making it harder to forcibly pay payments .
In this case, ransomware was not directed at the pipeline’s control systems, federal officials and private investigators said, but rather the firm’s back-office operations. However, fears of more losses forced the company to shut down the system, a move that overcame huge vulnerabilities in the patch-together network that keeps gas stations, truck stops, and airports operational.
An initial investigation showed poor safety practices in the colonial pipeline, according to federal and private officials familiar with the investigation. He said, most likely, the process of breaking and locking the company’s system was fairly easy.