Any idea whodunnit, as they say? Russian hackers?

The hacking group DarkSide has been pretty open about their involvement, I believe. Yes, likely based in Russia (or possibly Eastern Europe). Probably not working at the direction of the Russian government, in this incident. But Russia has a habit of ignoring the activities of hacking groups like this unless they are dumb enough to target a Russian entity. And it isn't shy about enlisting such groups in support of Russian government objectives from time to time.
 
Any idea whodunnit, as they say? Russian hackers?

The hacking group DarkSide has been pretty open about their involvement, I believe.

DarkSide seems to have manufactured the tools, but someone else bought them and used them. That someone else could have been the Russian government, the Chinese government, a Jihadi terrorist organization, a supervillain, an ecoterrorist faction, one of the pipeline operator's competitors, a disgruntled former employee, a politician looking to bring down fossil fuels, a politician looking to strengthen fossil fuel infrastructure, or just some Bitcoin millionaire teens doing it for the lulz. Hell, it could even be the CIA or NSA or Homeland Security checking to see how vulnerable the infrastructure really is.
 
The way I understand DarkSide's MO is that they actually conduct the hacks using their tools, but the target selection is done by someone else. And I think the communications we've seen are very consistent with it being a straight up criminal enterprise. Whoever was working with DarkSide found a target that seemed like it had money. If it were ideological, we'd have gotten a manifesto by now.
 
A possible scenario:

Hello. This is the anonymous hacker group. We need to use your services.

"How can we help?"

We need to send untraceable cryptocurrency to an untraceable address.

"No problem. There will be a fee of 5% of the total. Agreed?"
 
Last Friday, Colonial Pipeline. This Friday, the Irish Health Authority:

(It's the correct link, it's an entry within the Guardian's live Covid blog which is why the headline is off, there's a follow up story later in the same blog)


ETA the second link, which declares "An international cybercrime gang behind Ireland's ransomware attack"


Sounds like we're looking for someone who has Friday off work or (considering typical hackers) school/college.
 


Yeah, I wouldn't bet large sums on that. "Oh, no, your feeble attempt to rein us in has destroyed us! I guess we're ruined and done! No need for you to bother with us anymore! It's okay to let your guard down, even for a moment!"
 
Yeah, I wouldn't bet large sums on that. "Oh, no, your feeble attempt to rein us in has destroyed us! I guess we're ruined and done! No need for you to bother with us anymore! It's okay to let your guard down, even for a moment!"
I wouldn't bet on it either, but it's still absolutely hilarious. These clowns will be back some way or another.
 
Is it legal to pay ransom in the US nowadays?
The whole company management doesn't get immediately jailed for financing criminal organizations, sabotaging national security and stuff?
 
Is it legal to pay ransom in the US nowadays?
The whole company management doesn't get immediately jailed for financing criminal organizations, sabotaging national security and stuff?

Yes, it is legal, except in kidnappings. And companies routinely do pay in overseas kidnappings too.

National security has not been significantly endangered here. The vast majority of the problem right now is people panic buying gas they don't need. Colonial compounded the situation by shutting down when the only thing that was compromised was their billing system. The pipeline itself was always operable.
 
Cybersecurity costs money right now and every day that it's in use. This may include using one's own employees instead of overseas contractors (when I did software development for an Electric Boat sub-contractor, the sub-contractor wanted to move as much development as possible overseas. EB resisted, at least at that time, but Bath Iron Works, with the same sub-contractor, didn't), paying them more than "competitive" wages, treating them well, not as a commodity as disposable as used toilet paper, and possibly using heavily encrypted networks, high-security operating systems, and carefully including internal firewalls as well as external. In the case of Colonial, there should have been no way for a properly designed system to permit a connection between accounting or personnel's computer systems and the pipeline's physical operations. And watch your inputs.
exploits_of_a_mom.png
 
Primary monitoring and control: Network based, modern, computerized, great, I like it. If hacked or system is down for any other reason, manual backup for pumping and distributing fuel with radio-type communications perhaps? In a national emergency, pump and distribute fuel by any means possible, we used to accomplish this before computers and networks decades ago, just amazing, redundancy for critical systems/infrastructure, boy, have we lost our way???
 
View: https://twitter.com/MarshaBlackburn/status/1394791971500265474

(Subscription or Registration may be required)


 
Primary monitoring and control: Network based, modern, computerized, great, I like it. If hacked or system is down for any other reason, manual backup for pumping and distributing fuel with radio-type communications perhaps? In a national emergency, pump and distribute fuel by any means possible, we used to accomplish this before computers and networks decades ago, just amazing, redundancy for critical systems/infrastructure, boy, have we lost our way???

The pipelines have manual controls. Switching to a manual system for segregating and directing the wide variety of fuels a pipeline carries to the right place (losing an invoice system obviously throws this into confusion) and manually inspecting for damage after a possible attack takes time.

The fuel shortages were only indirectly caused by the pipeline shutdown in any case - the increased demand of panic-buying meant that local tank farms couldn't resupply gas stations fast enough. This was exacerbated by the persistent nation-wide trucker shortage.
 

 

Good, they asked for it. Regulate them into a fine paste.
 
 
 
7:33am

Hackers target oil sites

Good morning.
Details are starting to come through about a spate of cyber attacks targeting European oil companies this week.
Two German fuel storage firms – Mabanaft and Oiltanking – were crippled by a ransomware software known as Black Cat. The hackers are thought to have links to the Russian group that attacked the Colonial Pipeline in the US last year, sparking shortages and panic buying.
There were other IT issues at sites across Malta, Belgium and the Netherlands this week, though it's unclear if these are linked to the German attacks.
It comes amid heightened tensions over a potential conflict between Russia and Ukraine. Any conflict or sanctions could threaten oil supply to Europe.

7:42am

Oil pushes higher despite cyber attacks

The cyber attacks across Europe appear to have had little impact on oil prices, which are headed for their seventh weekly gain.
West Texas Intermediate hit a fresh seven-year high as it neared $91 a barrel – on track for a jump of more than 4pc this week.
Benchmark Brent crude has also pushed higher. It's jumped 17pc since the start of the year, with analysts predicting it will reach $100 this year.
The recent gains come amid tensions between Russia and Ukraine, with concerns a conflict could hit supply to Europe. Investors have also raised doubts over Opec's ability to deliver its plans to boost output.

 
If only we had some oil and some kind of control over Russian oil pipelines.
 
If only we had some oil and some kind of control over Russian oil pipelines.
Well, we do have some oil. Certainly not enough to be completely independent of imports, but it would help if government policy hadn't encouraged profligacy for decades.

I would presume (hope!) that the US has some offensive cyber attack capability that could be deployed against some Russian pipelines, preferably showing the attack is coming from China or North Korea.
 
That was sarcasm.
If only we had some oil and some kind of control over Russian oil pipelines.
Well, we do have some oil. Certainly not enough to be completely independent of imports, but it would help if government policy hadn't encouraged profligacy for decades.

I would presume (hope!) that the US has some offensive cyber attack capability that could be deployed against some Russian pipelines, preferably showing the attack is coming from China or North Korea.
Under Trump we were close to, if not entirely, energy independent. Also we were holding up Russia's Nord Stream 2 pipeline.

 
I would presume (hope!) that the US has some offensive cyber attack capability that could be deployed against some Russian pipelines, preferably showing the attack is coming from China or North Korea.

It is currently completely implausible for Xi's state hackers, let alone Kim's, to attack Putin's kleptocracy in any way. Too many aligning interests; not to say these actors are above double crossing anyone (think Molotov-Ribbentrop treaty) but I just can't think of what would motivate them to do so just now. Perhaps if Putin's Ukraine campaign backfires so badly that Russia has a leadership crisis (not an insignificant possibility) there will be opportunities for China but even so, impossible to say how taking advantage of those might manifest. China is not without its vulnerabilities when it comes to the availability of energy.

The US does have some very extensive capabilities but the rules of reciprocity and symmetry don't apply as well to cyber influencing operations (or even destructive acts) as other means. Oil being largely fungible complicates the proposition further; as long as Russia, as another oil producer, remains effectively in the same market space as the US the effects of driving up prices through attacks differ somewhat for the actors involved. Putin's oligarchs (a state within a state) and Russia's national wealth funds are very dependent on both the price of oil (and natural gas) and their ability to export those; to a certain extent some mayhem benefits them. Their delivery infrastructures toward Europe and Asia, I think, are wholly separate affairs. There are reasons why Russia's attacks on US's and EU's systems have still been "plausibly deniable" (if only just, outsourcing to "ransomware gangs" which has also served as cover for actual destructive operations against Ukraine). All of this doesn't bode well for a simple tit-for-tat approach though it must be said we've already stretched the concept of strategic patience with this behavior into absurd dimensions. Biden's administration is currently hurriedly arranging for sufficient energy availability for Europe if Putin's actions warrant the truly exclusionary sanctions it now seems they will, perhaps that will simplify matters with regard to considering the ramifications of using offensive cyber operations somewhat.

Also it must be said that using cyber capabilities does also most likely expire them quickly; it's not fire and forget but "fire and rebound". One would better have a surefire defense ready for a weapon oneself deploys. Sadly in the past decades there have been many examples of latent capabilities that were not used extensively being leaked through data mismanagement, lax security protocols and, let's say, "human factors". These were soon used against western democracies themselves.
 
Under Trump we were close to, if not entirely, energy independent.
Thanks to efforts largely done under President Obama. The question of 'energy independence' is also more nuanced and indeed, the perceived drop can be attributed in part to the difference between demand and supply ramp ups. I suggest you read the likes of the following:

 
Under Trump we were close to, if not entirely, energy independent.
Thanks to efforts largely done under President Obama. The question of 'energy independence' is also more nuanced and indeed, the perceived drop can be attributed in part to the difference between demand and supply ramp ups. I suggest you read the likes of the following:

I read that very article, hence: "close to, if not entirely, energy independent". In either case, it's gone now. Many drilling locations in the gulf have been shut down and auctioned off (apparently drilling in the gulf is okay as long as we're not the ones doing it), Keystone pipeline - dead, and other restrictions adopted by the Biden administration to put the squeeze on oil in the US.

 
Primary monitoring and control: Network based, modern, computerized, great, I like it. If hacked or system is down for any other reason, manual backup for pumping and distributing fuel with radio-type communications perhaps? In a national emergency, pump and distribute fuel by any means possible, we used to accomplish this before computers and networks decades ago, just amazing, redundancy for critical systems/infrastructure, boy, have we lost our way???

The pipelines have manual controls. Switching to a manual system for segregating and directing the wide variety of fuels a pipeline carries to the right place (losing an invoice system obviously throws this into confusion)
This hits the nail on the head. The system to move the oil may be completely untouched, but if you can't prove who bought what product at what price to be delivered on what day, then big brother will burn your house down, because most pipelines on land are regulated.
 
Under Trump we were close to, if not entirely, energy independent.
Thanks to efforts largely done under President Obama. The question of 'energy independence' is also more nuanced and indeed, the perceived drop can be attributed in part to the difference between demand and supply ramp ups. I suggest you read the likes of the following:

I read that very article, hence: "close to, if not entirely, energy independent". In either case, it's gone now. Many drilling locations in the gulf have been shut down and auctioned off (apparently drilling in the gulf is okay as long as we're not the ones doing it), Keystone pipeline - dead, and other restrictions adopted by the Biden administration to put the squeeze on oil in the US.

There's a lot of nuance to "energy independent", but we were independent of the Persian Gulf back before 2013 when I switched from the military to oil and gas. Western hemisphere sources, namely Canada, Mexico and Brazil could make up what the US couldn't produce. The nuance comes with the type of oils US refineries are designed to process, many are set up for mid to heavy grades (originally from the PG, more on this later) while most of the new tight (shales) production is very light and sweet. It makes more sense to export the light sweet and import mid/heavy (arbitrage) hence the "net exporter" "mostly independent" qualifications.

Now, where stuff like the Keystone Pipeline hurts is that the Canadian tar sand mixed with Alberta condensate is a great replacement for the mid/heavy PG grades that some of the newer gulf coast refineries were built to refine. Those are the ones a major European IOC had a public divorce with the Saudis over their decision not to use Saudi oil after the JV agreement lapsed.

The politics become quite interesting when carbon intensity is considered. Shales (tight oil/gas) and tar sands are the most carbon intensive ways to extract hydrocarbons, hence why Keystone had to be stopped (they also donated their money to the ugly orange man). The mega deep water developments are the least carbon intense hydrocarbons to produce and transport. That's why it doesn't surprise to see the current admin proceed with the lease sales. As for not US companies developing the fields, only the IOCs have the deep pockets to spend $20-30 B to find, develop, produce and transport deep water assets for 20-30 years necessary to get a return on investment. So that's BP, Chevron, Exxon, Shell and Total. The other reason deep water is preferable to the "shallow" offshore production is that the royalties only go to the feds, the shallow stuff gets split with the states. Even if everything went hydrogen and electric tomorrow, there would still need to be hydrocarbon production to support chemicals, plastics and other products. Even a "green" admin will tolerate production, just so long as it's the "right" production, produced by the "right" producers who will use the profits to develop "green" low carbon energy for the "people".

This BTW in no way reflects the view of my employer... Just a viewpoint from inside the industry.
 
