Culture

Russian hacking group DarkSide shuts down largest U.S. fuel pipeline

WOODBRIDGE, NEW JERSEY - MAY 10: Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm on May 10, 2021 in Woodbridge, New Jersey. Alpharetta, Georgia-based Colonial Pipeline, which has the largest fuel pipeline, was forced to shut down its oil and gas pipeline system on Friday after a ransomware attack that has slowed down the transportation of oil in the eastern U.S. On Sunday, the federal government announced an emergency declaration that extends through June 8th and can be renewed. On Monday, the FBI confirmed that the cyberattack was carried out by DarkSide, a cybercrime gang believed to operate out of Russia. (Photo by Michael M. Santiago/Getty Images)

45%

The percentage of all fuel supplied to the East Coast by the Colonial Pipeline

New York Times

Michael M. Santiago/Getty Images News/Getty Images

A Russia-based hacking operation calling itself DarkSide managed to kneecap the U.S. East Coast’s domestic fuel supplies in a massive ransomware attack late last week, prompting the Department of Transportation to issue a temporary emergency declaration to help “ramp up alternative transportation routes for oil and gas,” as described by NBC News. All four main lines of the Colonial Pipeline, a 5500-mile route supplying around 45 percent of the East Coast’s gasoline and airplane fuel, are currently shut down as organizers “dedicate vast resources to restoring pipeline operations quickly and safely,” according to an official press release on Colonial’s website.

In response, the U.S. Department of Transportation issued a rarely-seen emergency declaration to circumvent the situation, suspending certain regulations for transportation drivers in 17 states, allowing them to work more overtime hours and on less sleep than normally required by law. The new safety restrictions waiver is set to expire on June 8, but can be re-upped if needed. Given Colonial’s vague assurances and still-unclear timeline to a full restoration, that renewal could be necessary by this time next month.

DarkSide claims ‘apolitical’ motives — The Russian hacking group responsible for the current crisis, DarkSide, reportedly denies any political motives behind the transportation nightmare, and that its members are simply out to make a quick ruble. “We are apolitical, we do not participate in geopolitics,” reads an alleged statement from the organization, adding there isn’t a need “to tie us with a defined goverment [sic]... Our goal is to make money and not creating problems for society.” While this is often a bluff, Anne Neuberger, deputy national security adviser for cyber and emerging technologies, believes DarkSide to be its own “criminal actor” without ties to groups like Russian organized crime and/or the country’s government.

All that said, DarkSide sounds oddly apologetic near the end of its statement, promising to “introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

Ransomware is all the rage these days — Ransomware, the act of encrypting an individual or group’s data (and often threatening to leak it) unless victims pay off the hackers, has long been an extremely popular cyber-crime, but it’s enjoyed even more of a resurgence in recent months. In April, a group calling itself Babuk hit the Washington D.C. police department with a ransomware attack, threatening to release confidential information like informant identities to gangs if they weren’t paid (they weren’t, and unfortunately made good on their promise). Earlier in the year, hackers also ran a similar attack against CD Projekt Red, makers of 2020’s biggest gaming debacle, Cyberpunk 2077.

We’re hesitant to cheer on a hacking collective, even if they (allegedly) unintentionally dealt a blow to the fossil fuel industry, so we’ll just end our roundup with the fact that DarkSide is objectively a great, badass name for a secretive group of cyber-criminals.