News
US to treat ransomware attacks with same priority as terrorism
The U.S. Department of Justice is elevating investigations of ransomware attacks
The department now plans to treat ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals.
Internal guidance sent to U.S. attorney’s offices across the America stated information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.
“It’s a specialised process to ensure we track all ransomware cases regardless of where it may be referred in this country,”
said John Carlin, principle associate deputy attorney general at the Justice Department.
The latest development comes after a cyber criminal group which is understood to be based in Russia, penetrated the pipeline operator on the U.S. East Coast, locking its systems and demanding a ransom.
The cyber hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localised fuel shortages in the southeast.
Hackers were paid a ransom, Colonial Pipeline boss confirms
The boss of one of the United States’ biggest fuel pipelines says his company paid a $USD 4.4 million ransom to hackers.
The Colonial Pipeline experienced a cyberattack that shut down its nationwide network on 7 May. As such, millions of barrels of petrol, diesel and jet fuel stopped flowing.
Joseph Blount is the CEO of the Colonial Pipeline. He told the Wall Street Journal the ransom was a “highly controversial decision”. But he conceded it “was the right thing to do for the country”.
The 8,900 kilometre pipeline carries 2.5 million barrels a day, or 45 percent of the east coast’s supply of critical fuel supplies.
“I will admit that I wasn’t comfortable seeing money go out the door to people like this,”
Mr Blount explained
However, President Biden believes there was evidence that Russian hackers were involved in the attack.
“So far there is no evidence from our intelligence people that Russia is involved. Although, there is evidence that the actors, ransomware is in Russia, they have some responsibility to deal with this.”
The hackers are from DarkSide, who allegedly steal from larger corporations and give the ransom funds to charity.
The group released a statement on the dark web. “From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
After the cyberattack, President Joe Biden signed an executive order to strengthen cybersecurity defences across the US.