Colonial Pipeline paid $5m ransom, reports say - TechiLive.in


Colonial Pipeline, the US operator of fossil fuel distribution infrastructure that was hit by a DarkSide ransomware attack last week, may have paid a $5m ransom to the ransomware operators within hours of being locked out of critical systems, according to reports.

According to anonymous sources close to the incident, Colonial Pipeline paid the ransom in an unidentified cryptocurrency and received the decryption tool. However, this tool allegedly worked so slowly that the company restored a good amount of its data from backups, which somewhat negated the point of paying.


Bloomberg, which was first to report the apparent payment, also said the US government was aware a ransom had been paid.

Fuel deliveries across the Colonial Pipeline infrastructure are understood to have resumed on Wednesday 12 May. According to CNN, the resumption of operations was delayed because the ransomware attack hit the firm’s billing system, so the firm was forced to shut off supplies because it could not guarantee it would be paid by its customers.

At the time of writing, Colonial Pipeline’s security partner Imperva is blocking legitimate access to the company’s website from outside the US using its Cloud Application Service. It has therefore not been possible to establish any response from the company.


Armis’ European cyber risk officer, Andy Norton, said: “I don’t think we are at the end of this story, there is no clear winner here. DarkSide may have been paid $5m to destroy the data they hold and unencrypt the affected files, but in doing so, they became a global news story and consequently a bargaining chip in future US and Russia dealings.

“DarkSide clearly knows it is public enemy number one right now, even issuing an apology about the collateral damage to their attack [and] other criminal affiliates will be trying to distance themselves from DarkSide, to avoid getting rolled up in the future law enforcement investigations,” he said. “If there is a loser, it’s the cyber insurance company behind Colonial, who now have to cover the costs.”

Robert Golladay, EMEA and APAC director at Illusive, said that the fact Colonial Pipeline may have had insurance against ransomware could have been a factor in why it was targeted to begin with. “Hackers are figuring out who is insured, which tells them the company has assets that are valuable and will be in a position to pay,” he said.


“As we see in the Colonial attack, instances of ransomware are growing in size and scale. This type of attack is exploding because it works, scales and is predictable, and it’s a way for attackers to make easy money. Some of the criminal enterprises, like DarkSide, are funnelling the money they make back into the tools they are using.”

In a further development, unconfirmed reports have emerged today (Friday 14 May) that the DarkSide ransomware infrastructure has been seized and taken offline, possibly in a law enforcement response.
