Archibald

ACCESS: Above Top Secret
Senior Member
Joined
Jun 6, 2006
Messages
6,042
Reaction score
4,427
Any idea whodunnit, as they say? Russian hackers?
 

TomS

ACCESS: Top Secret
Senior Member
Joined
Apr 16, 2008
Messages
4,797
Reaction score
2,180
Any idea whodunnit, as they say? Russian hackers?

The hacking group DarkSide has been pretty open about their involvement, I believe. Yes, likely based in Russia (or possibly Eastern Europe). Probably not working at the direction of the Russian government, in this incident. But Russia has a habit of ignoring the activities of hacking groups like this unless they are dumb enough to target a Russian entity. And it isn't shy about enlisting such groups in support of Russian government objectives from time to time.
 

Orionblamblam

ACCESS: Above Top Secret
Top Contributor
Senior Member
Joined
Apr 5, 2006
Messages
8,357
Reaction score
2,197
Website
www.aerospaceprojectsreview.com
Any idea whodunnit, as they say? Russian hackers?

The hacking group DarkSide has been pretty open about their involvement, I believe.

DarkSide seems to have manufactured the tools, but someone else bought them and used them. That someone else could have been the Russian government, the Chinese government, a Jihadi terrorist organization, a supervillain, an ecoterrorist faction, one of the pipeline operator's competitors, a disgruntled former employee, a politician looking to bring down fossil fuels, a politician looking to strengthen fossil fuel infrastructure, or just some Bitcoin millionaire teens doing it for the lulz. Hell, it could even be the CIA or NSA or Homeland Security checking to see how vulnerable the infrastructure really is.
 

TomS

The way I understand DarkSide's MO is that they actually conduct the hacks using their tools, but the target selection is done by someone else. And I think the communications we've seen are very consistent with it being a straight up criminal enterprise. Whoever was working with DarkSide found a target that seemed like it had money. If it were ideological, we'd have gotten a manifesto by now.
 

edwest2

ACCESS: Top Secret
Joined
Nov 9, 2007
Messages
1,659
Reaction score
896
A possible scenario:

Hello. This is the anonymous hacker group. We need to use your services.

"How can we help?"

We need to send untraceable cryptocurrency to an untraceable address.

"No problem. There will be a fee of 5% of the total. Agreed?"
 

DWG

ACCESS: Top Secret
Joined
Feb 11, 2007
Messages
1,181
Reaction score
1,183
Last Friday, Colonial Pipeline. This Friday, the Irish Health Authority:

(It's the correct link, it's an entry within the Guardian's live Covid blog which is why the headline is off, there's a follow-up story later in the same blog)


ETA the second link, which declares "An international cybercrime gang behind Ireland's ransomware attack"


Sounds like we're looking for someone who has Friday off work or (considering typical hackers) school/college.
 

dannydale

ACCESS: Secret
Joined
May 13, 2007
Messages
376
Reaction score
188

Attachments

  • omegalul.png

Orionblamblam



Yeah, I wouldn't bet large sums on that. "Oh, no, your feeble attempt to rein us in has destroyed us! I guess we're ruined and done! No need for you to bother with us anymore! It's okay to let your guard down, even for a moment!"
 

dannydale

Yeah, I wouldn't bet large sums on that. "Oh, no, your feeble attempt to rein us in has destroyed us! I guess we're ruined and done! No need for you to bother with us anymore! It's okay to let your guard down, even for a moment!"
I wouldn't bet on it either, but it's still absolutely hilarious. These clowns will be back some way or another.
 

dan_inbox

ACCESS: Top Secret
Senior Member
Joined
Sep 3, 2006
Messages
928
Reaction score
487
Is it legal to pay ransom in the US nowadays?
The whole company management doesn't get immediately jailed for financing criminal organizations, sabotaging national security and stuff?
 

TomS

Is it legal to pay ransom in the US nowadays?
The whole company management doesn't get immediately jailed for financing criminal organizations, sabotaging national security and stuff?

Yes, it is legal, except in kidnappings. And companies routinely do pay in overseas kidnappings too.

National security has not been significantly endangered here. The vast majority of the problem right now is people panic buying gas they don't need. Colonial compounded the situation by shutting down when the only thing that was compromised was their billing system. The pipeline itself was always operable.
 

1635yankee

ACCESS: Confidential
Joined
Aug 18, 2020
Messages
71
Reaction score
69
Cybersecurity costs money right now and every day that it's in use. This may include using one's own employees instead of overseas contractors (when I did software development for an Electric Boat sub-contractor, the sub-contractor wanted to move as much development as possible overseas. EB resisted, at least at that time, but Bath Iron Works, with the same sub-contractor, didn't), paying them more than "competitive" wages, treating them well, not as a commodity as disposable as used toilet paper, and possibly using heavily encrypted networks, high-security operating systems, and carefully including internal firewalls as well as external. In the case of Colonial, there should have been no way for a properly designed system to permit a connection between accounting or personnel's computer systems and the pipeline's physical operations. And watch your inputs.
exploits_of_a_mom.png
 

Hydroman

ACCESS: Restricted
Joined
Jan 28, 2008
Messages
35
Reaction score
81
Primary monitoring and control: Network based, modern, computerized, great, I like it. If hacked or system is down for any other reason, manual backup for pumping and distributing fuel with radio-type communications perhaps? In a national emergency, pump and distribute fuel by any means possible, we used to accomplish this before computers and networks decades ago, just amazing, redundancy for critical systems/infrastructure, boy, have we lost our way???
 

Grey Havoc

ACCESS: USAP
Senior Member
Joined
Oct 9, 2009
Messages
15,937
Reaction score
5,501
View: https://twitter.com/MarshaBlackburn/status/1394791971500265474


drejr

ACCESS: Confidential
Joined
Mar 28, 2011
Messages
137
Reaction score
118
Primary monitoring and control: Network based, modern, computerized, great, I like it. If hacked or system is down for any other reason, manual backup for pumping and distributing fuel with radio-type communications perhaps? In a national emergency, pump and distribute fuel by any means possible, we used to accomplish this before computers and networks decades ago, just amazing, redundancy for critical systems/infrastructure, boy, have we lost our way???

The pipelines have manual controls. Switching to a manual system for segregating and directing the wide variety of fuels a pipeline carries to the right place (losing an invoice system obviously throws this into confusion) and manually inspecting for damage after a possible attack takes time.

The fuel shortages were only indirectly caused by the pipeline shutdown in any case - the increased demand of panic-buying meant that local tank farms couldn't resupply gas stations fast enough. This was exacerbated by the persistent nation-wide trucker shortage.
 


dannydale


Good, they asked for it. Regulate them into a fine paste.
 
