The U.S. Department of Justice is elevating investigations of ransomware attacks
The department now plans to treat ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals.
Internal guidance sent to U.S. attorney’s offices across the America stated information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.
The latest development comes after a cyber criminal group which is understood to be based in Russia, penetrated the pipeline operator on the U.S. East Coast, locking its systems and demanding a ransom.
The cyber hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localised fuel shortages in the southeast.
Hackers were paid a ransom, Colonial Pipeline boss confirms
The boss of one of the United States’ biggest fuel pipelines says his company paid a $USD 4.4 million ransom to hackers.
The Colonial Pipeline experienced a cyberattack that shut down its nationwide network on 7 May. As such, millions of barrels of petrol, diesel and jet fuel stopped flowing.
Joseph Blount is the CEO of the Colonial Pipeline. He told the Wall Street Journal the ransom was a “highly controversial decision”. But he conceded it “was the right thing to do for the country”.
The 8,900 kilometre pipeline carries 2.5 million barrels a day, or 45 percent of the east coast’s supply of critical fuel supplies.
“I will admit that I wasn’t comfortable seeing money go out the door to people like this,”
Mr Blount explained
Colonial Pipeline can now report that we have restarted our entire pipeline system and that product delivery has commenced to all markets we serve. https://t.co/kpWNw0UQvepic.twitter.com/9r5hA2CLNn
However, President Biden believes there was evidence that Russian hackers were involved in the attack.
“So far there is no evidence from our intelligence people that Russia is involved. Although, there is evidence that the actors, ransomware is in Russia, they have some responsibility to deal with this.”
The hackers are from DarkSide, who allegedly steal from larger corporations and give the ransom funds to charity.
The group released a statement on the dark web. “From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”