Printer-friendly copy Email this topic to a friend
Lobby General Discussion topic #13432588

Subject: "Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom" Previous topic | Next topic
Numba_33
Charter member
17787 posts
Thu May-13-21 11:03 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
"Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom"


  

          

This blows my mind. I wonder how often this is done on the low with major companies.

link: https://finance.yahoo.com/news/colonial-pipeline-paid-hackers-nearly-141548661.html

swipe:

Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom
William Turton, Michael Riley and Jennifer Jacobs

Thu, May 13, 2021, 10:47 AM·3 min read

(Bloomberg) -- Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

A representative from Colonial declined to comment, as did a spokesperson for the National Security Council.

The hackers, which the FBI said are linked to a group called DarkSide, specialize in digital extortion and are believed to be located in Russia or Eastern Europe.

On Wednesday, media outlets including the Washington Post and Reuters reported that the company had no immediate intention of paying the ransom. Those reports were based on anonymous sources.

Ransomware is a type of malware that locks up a victim’s files, which the attackers promise to unlock for a payment. More recently, some ransomware groups have also stolen victims’ data and threatened to release it unless paid -- a kind of double extortion.

Deputy National Security Advisor Anne Neuberger on Monday acknowledged that sometimes companies may have no choice but to pay ransoms, telling reporters: “We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.”

The FBI discourages organizations from paying ransom to hackers, saying there is no guarantee they will follow through on promises to unlock files. It also provides incentive to other would-be hackers, the agency says. Such guidance provides a quandary for victims who have to weigh the risks of not paying with the costs of lost or exposed records.

A report released last month by a ransomware task force said the amount paid by ransomware victims increased by 311% in 2020, reaching about $350 million in cryptocurrency. The average ransom paid by organizations in 2020 was $312,493, according to report.

Colonial, which operates the largest fuel pipeline in the U.S., became aware of the hack around May 7 and shut down its operations, which led to fuel shortages and lines at gas stations along the East Coast.

(Updates with U.S. government awareness in second paragraph.)

For more articles like this, please visit us at bloomberg.com

Subscribe now to stay ahead with the most trusted business news source.

©2021 Bloomberg L.P.

"Sean sparks like John Starks, nah, Sean ball like John Wall" - Rest In Power Forever Sean Price.

  

Printer-friendly copy | Reply | Reply with quote | Top


Topic Outline
Subject Author Message Date ID
It's done a lot privately, but publicly for something...
May 13th 2021
1
A gas crisis would blow up the entire administration
May 13th 2021
3
      If you think gas is a crisis, wait until all the other...
May 13th 2021
4
           RE: If you think gas is a crisis, wait until all the other...
May 13th 2021
11
           in Biden’s defense at least he has said the words Cyber Security
Jun 07th 2021
18
Probably happens OFTEN, but this time we found out early and publicly
May 13th 2021
2
It's fairly common.
May 13th 2021
5
This might be the "opportunity" for Biden to get his infrasture bill don...
May 13th 2021
6
ah yes, true. they better leverage this HOARD
May 13th 2021
12
It just happened to a school district around here (swipe)
May 13th 2021
7
Damn. They recruiting?
May 13th 2021
8
Ransomware is real. It wasn’t taken seriously years ago, so a lot of
May 13th 2021
9
Why aren’t more politicians talking about cyber security?
May 13th 2021
10
because it's an afterthought for many folks.
May 13th 2021
13
^ This here ^
May 15th 2021
16
they'd have to understand the internet first
May 13th 2021
14
coy once told Dad they wanted to go paperless
Jun 08th 2021
20
Cyberinsurance companies have been hinting about needing ransomware prot...
May 15th 2021
15
DOJ has recovered millions of dollars of crypto paid to hackers
Jun 07th 2021
17
Cheap
Jun 07th 2021
19

imcvspl
Member since Mar 07th 2005
42185 posts
Thu May-13-21 11:05 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
1. "It's done a lot privately, but publicly for something... "
In response to Reply # 0


  

          

For something with clear national security implications is unheard of. Game done changed.

█▆▇▅▇█▇▆▄▁▃
Big PEMFin H & z's
"I ain't no entertainer, and ain't trying to be one. I am 1 thing, a musician." � Miles

"When the music stops he falls back in the abyss."

  

Printer-friendly copy | Reply | Reply with quote | Top

    
MEAT
Member since Feb 08th 2008
20979 posts
Thu May-13-21 11:06 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
3. "A gas crisis would blow up the entire administration"
In response to Reply # 1
Thu May-13-21 11:07 AM by MEAT

  

          

Particularly one driven by panic and a treasonous right wing media/political ecosystem
Biden said he aint gonna be no Jimmy Carter

------
“There is no fate that cannot be surmounted by scorn.” -Albert Camus

  

Printer-friendly copy | Reply | Reply with quote | Top

        
imcvspl
Member since Mar 07th 2005
42185 posts
Thu May-13-21 11:12 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
4. "If you think gas is a crisis, wait until all the other... "
In response to Reply # 3


  

          

Holes in our infrastructure are under constant attack. Biden better be accelerating that infrastructure budget asap,cause motherfuckers about to be doing everything they can to get that quick $5M.

█▆▇▅▇█▇▆▄▁▃
Big PEMFin H & z's
"I ain't no entertainer, and ain't trying to be one. I am 1 thing, a musician." � Miles

"When the music stops he falls back in the abyss."

  

Printer-friendly copy | Reply | Reply with quote | Top

            
Numba_33
Charter member
17787 posts
Thu May-13-21 12:26 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
11. "RE: If you think gas is a crisis, wait until all the other... "
In response to Reply # 4


  

          

>Holes in our infrastructure are under constant attack. Biden
>better be accelerating that infrastructure budget asap,cause
>motherfuckers about to be doing everything they can to get
>that quick $5M.


To my knowledge, Colonial Pipeline is a privately held company, not one run by the government. If that's the case, how much responsibility should the government hold for ensuring their cybersecurity is up to par?

I can't believe I'm going to sound like a right-leaning Republican on this issue, but there should be monetary limits to much more the government is re$pon$ible for footing the bills on this matter.

For publicly held and managed lands/utilities, that's a whole other separate matter IMO.

It should be interesting to see of Congress' perceptions changes as result of this pipeline attack regardless though.

"Sean sparks like John Starks, nah, Sean ball like John Wall" - Rest In Power Forever Sean Price.

  

Printer-friendly copy | Reply | Reply with quote | Top

            
legsdiamond
Member since May 05th 2011
69888 posts
Mon Jun-07-21 02:58 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
18. "in Biden’s defense at least he has said the words Cyber Security"
In response to Reply # 4


          

in a speech

****************
TBH the fact that you're even a mod here fits squarely within Jag's narrative of OK-sanctioned aggression, bullying, and toxicity. *shrug*

  

Printer-friendly copy | Reply | Reply with quote | Top

MEAT
Member since Feb 08th 2008
20979 posts
Thu May-13-21 11:05 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
2. "Probably happens OFTEN, but this time we found out early and publicly"
In response to Reply # 0


  

          

probably to stop the panic.

------
“There is no fate that cannot be surmounted by scorn.” -Albert Camus

  

Printer-friendly copy | Reply | Reply with quote | Top

Nopayne
Member since Jan 03rd 2003
52365 posts
Thu May-13-21 11:23 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy listClick to send message via AOL IM
5. "It's fairly common."
In response to Reply # 0


  

          

Every once in a while you hear about a hospital getting got.

---
Love,
Nopayne

  

Printer-friendly copy | Reply | Reply with quote | Top

Buddy_Gilapagos
Charter member
46080 posts
Thu May-13-21 11:27 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
6. "This might be the "opportunity" for Biden to get his infrasture bill don..."
In response to Reply # 0


  

          


**********
"Everyone has a plan until you punch them in the face. Then they don't have a plan anymore." (c) Mike Tyson

"what's a leader if he isn't reluctant"

  

Printer-friendly copy | Reply | Reply with quote | Top

    
Damali
Member since Sep 12th 2002
35150 posts
Thu May-13-21 04:58 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
12. "ah yes, true. they better leverage this HOARD"
In response to Reply # 6


          


"But rest assured, in my luxurious house built on the backs of people darker than me, I am sipping fine scotch and scoffing at how stupid you are." - bshelly

  

Printer-friendly copy | Reply | Reply with quote | Top

Marbles
Member since Oct 19th 2004
21790 posts
Thu May-13-21 11:34 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
7. "It just happened to a school district around here (swipe)"
In response to Reply # 0


  

          


https://www.tampabay.com/news/florida/2021/04/20/florida-school-district-refuses-hackers-40-million-ransom-sees-26000-files-published/

FORT LAUDERDALE — Hackers who sought $40 million in ransom from a South Florida school district that refused to pay have now published nearly 26,000 stolen files.

Many of the files, dated from 2012 to March 2021, contain Broward School District accounting and other financial records, which include invoices, purchase orders, and travel and reimbursement forms, the South Florida SunSentinel reported. None of the files reviewed by the newspaper so far contained Social Security numbers.

The international malware group Conti posted the files Monday, the newspaper reported. Last month the hackers posted a transcript of a conversation with an unidentified Broward schools representative which offered to pay $500,000 to retrieve data. The hackers initially demanded $40 million but dropped the price to $10 million.

On March 31, the district announced it had no intention of paying a ransom.

Kathy Kochhe, the district’s chief communications officer, said in a statement that officials are analyzing the content of the posted material do determine next steps, and will notify anyone whose personal information was shared.

“Cybersecurity experts are continuing to investigate the incident and enhance measures system-wide,” the statement said.

The district, which is the nation’s sixth largest with 271,000 students, has published questions and answers about the breach on its website at browardschools.com. The school district has an annual budget of about $4 billion — a fact the hackers kept returning to as they demanded $40 million, to be paid in cryptocurrency.

The published files includes more 750 employee mileage reports, 36 employee travel reimbursement forms, more than 700 invoices for spring water, more than 1,000 invoices for school construction work, about 400 payments to Broward Sheriff’s Office or local police departments for security, dozens of utility bills and several employee phone lists, the newspaper reported.

While the vast majority of the data appeared to be public records, some confidential material was shared, the report said. A March 2020 invoice for $14 from the state health department that includes the name and birthdate of a 9-year-old student who was being examined for a disability. Some invoices name bus drivers who visited urgent care centers. And several documents list employee benefits.

“It doesn’t sound like it was that big,” Jorge Orchilles chief technology officer for the cybersecurity company Scythe, told the SunSentinel. “It looks like they made the right decision not to pay ransom. At this point, there’s no point in paying it because all the information is already out there.”

The hackers said on their website they may have more information.

“If you are a client who declined the deal and did not find your data on cartel’s website or did not find valuable files, this does not mean that we forgot about you,” the website says. “It only means that data was sold and only therefore it did not publish in free access!”

Last week, the school district’s chief information officer warned the Broward School Board that a new cyber-attack could affect the ability to pay employees and keep schools open. Phil Dunn requested $20 million to enhance the district’s cyber-security efforts, and the board plans to make a final decision soon.

In 2021, there have already been at least 21 successful ransomware attacks in the U.S. education sector, disrupting 550 schools, Brett Callow, a threat analyst for the anti-malware company Emsisoft, told the newspaper.

  

Printer-friendly copy | Reply | Reply with quote | Top

Hitokiri
Charter member
21196 posts
Thu May-13-21 11:37 AM

Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
8. "Damn. They recruiting?"
In response to Reply # 0


  

          

I could be their copy editor or something.

--
"You can't beat white people. You can only knock them out."

"There is only one god and his name is death. And there is only one thing we say to death: not today."

  

Printer-friendly copy | Reply | Reply with quote | Top

allStah
Member since Jun 21st 2014
5249 posts
Thu May-13-21 11:56 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
9. "Ransomware is real. It wasn’t taken seriously years ago, so a lot of "
In response to Reply # 0


          

governments and nations are way behind in technology. So now they have to
play catch-up

Imagine you’re a major political figure, and you’re in a smart car, which gets hacked.
And then you’re held for ransom by a hacker who is located somewhere on another
Continent.

Kidnapping, hijacking,etc are about to go to another level.

Almost everything about our existence, except our flesh, is computer/system
related.

I’ve always been a futurist and optimist in regards to life, because the evolution
of tech and science offer so many possibilities of what man can do....but not at
the expense of privacy and liberation.


HIS NAME IS MASON MOUNT
Bulls | Bears | White Sox | Yankees | Notre Dame | Illinois | Chelsea | Real Madrid

  

Printer-friendly copy | Reply | Reply with quote | Top

legsdiamond
Member since May 05th 2011
69888 posts
Thu May-13-21 12:04 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
10. "Why aren’t more politicians talking about cyber security?"
In response to Reply # 0


          

I actually heard Biden speak on it a little but we still get off on abortion and gun lws every election.

****************
TBH the fact that you're even a mod here fits squarely within Jag's narrative of OK-sanctioned aggression, bullying, and toxicity. *shrug*

  

Printer-friendly copy | Reply | Reply with quote | Top

    
tariqhu
Charter member
15894 posts
Thu May-13-21 10:13 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy listClick to send message via AOL IM
13. "because it's an afterthought for many folks."
In response to Reply # 10


          

especially the old heads in power. but also they don't know shit about tech. they may have a bead on security in general like using bollards around buildings, but they need specialist for cyber.

Y'all buy those labels, I was born supreme

  

Printer-friendly copy | Reply | Reply with quote | Top

        
Mafamaticks
Member since Jan 12th 2004
4365 posts
Sat May-15-21 11:01 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
16. "^ This here ^"
In response to Reply # 13


  

          

I guarantee one of them oldheads in charge got a project plan to upgrade and patch their systems. They looked at it and said it was too expensive.

I'd bet it was cheaper than 5 mil. Now they have to pay the 5 mil on top of whatever they need to do to update their security.

  

Printer-friendly copy | Reply | Reply with quote | Top

    
BrooklynWHAT
Member since Jun 15th 2007
81433 posts
Thu May-13-21 11:54 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
14. "they'd have to understand the internet first"
In response to Reply # 10


  

          

<--- Big Baller World Order

  

Printer-friendly copy | Reply | Reply with quote | Top

    
Ted Gee Seal
Member since Apr 18th 2007
10090 posts
Tue Jun-08-21 03:32 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
20. "coy once told Dad they wanted to go paperless"
In response to Reply # 10


  

          

Dad says cool I'm taking away all your printers.

The stories I could tell you about trying to get employees to comply with security policies.

And that's in a *quasi* government organisation. Once it's in more political departments it's a nightmare.

Just IMO though.

  

Printer-friendly copy | Reply | Reply with quote | Top

nonaime
Charter member
2993 posts
Sat May-15-21 04:14 AM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
15. "Cyberinsurance companies have been hinting about needing ransomware prot..."
In response to Reply # 0
Sat May-15-21 04:39 AM by nonaime

          

for a couple years now. We get a questionnaire we have to fill out every year, it's been focused on ransomware recently...the insurers will be getting to a point / are getting to a point where they aren't asking if you have certain controls in place, but are telling you to have those controls in place.


~~~~~~~~
A bad Samaritan averaging above average men (c) DOOM

  

Printer-friendly copy | Reply | Reply with quote | Top

PimpTrickGangstaClik
Member since Oct 06th 2005
15364 posts
Mon Jun-07-21 02:20 PM

Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
17. "DOJ has recovered millions of dollars of crypto paid to hackers"
In response to Reply # 0


  

          

How the hell you robbers gonna rob the robber (c) Project Pat

https://www.cnn.com/2021/06/07/politics/colonial-pipeline-ransomware-recovered/index.html

Washington (CNN)US investigators have recovered millions of dollars in cryptocurrency paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, according to people briefed on the matter.

The Justice Department on Monday is expected to announce details of the operation led by the FBI with the cooperation of the Colonial Pipeline operator, the people briefed on the matter said.
The ransom recovery is a rare outcome for a company that has fallen victim to a debilitating cyberattack in the booming criminal business of ransomware.
Colonial Pipeline Co. CEO Joseph Blount told The Wall Street Journal In an interview published last month that the company complied with the $4.4 million ransom demand because officials didn't know the extent of the intrusion by hackers and how long it would take to restore operations.

But behind the scenes, the company had taken early steps to notify the FBI and followed instructions that helped investigators track the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia. US officials have linked the Colonial attack to a criminal hacking group known as Darkside that is said to share its malware tools with other criminal hackers.
A spokesman for the Justice Department declined to comment, and CNN has reached out to the Colonial Pipeline operator.

  

Printer-friendly copy | Reply | Reply with quote | Top

Triptych
Charter member
29933 posts
Mon Jun-07-21 03:23 PM

Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy listClick to send message via AOL IMClick to send message via ICQ
19. "Cheap"
In response to Reply # 0


  

          

That pipeline moves 100 million gallons a day.

$5M to be basically given a plan to start patching system-critical vulnerabilities is a bargain.

Cheap just as a wake up call.

____________________________

http://twitter.com/irefox
http://stackoverflow.com/users/43089/triptych
http://github.com/djtriptych

  

Printer-friendly copy | Reply | Reply with quote | Top

Lobby General Discussion topic #13432588 Previous topic | Next topic
Powered by DCForum+ Version 1.25
Copyright © DCScripts.com