The colony pipeline paid a ransom of $5 million and maintained a vicious circle


Nearly a week after that Ransomware attack leads to colony pipeline to Stop fuel distribution on the east coast, Report appeared Last Friday, the company paid a ransom of 75 bitcoins (depending on the time of payment, worth up to $5 million) in order to resume services as soon as possible.Although the company can Restart operations on Wednesday night, The decision to succumb to the demands of hackers will only encourage other organizations to move forward. Experts say that to combat real progress in the ransomware epidemic, more companies will need to reject it.

Not that it is easy to do so. The FBI and other law enforcement organizations have long discouraged ransomware victims from paying for digital blackmail, but in fact, many organizations choose to pay. They either don’t have the infrastructure necessary for backup and other recovery, or don’t want or don’t want to spend time recovering on their own, or they decide to just pay the ransom quietly and move on, which is cheaper.Ransomware Group Increasingly review the financial situation of victims before getting into trouble, Enabling them to set the highest price that the victim may still be able to afford.

As far as the colony pipeline is concerned, the DarkSide ransomware organization attacked the company’s business network, rather than the more sensitive operational technology network that controls the pipeline. However, the colony also shut down its old network in an attempt to contain the damage, increasing the pressure to solve the problem and restore fuel flow along the east coast. Another potential factor in the decision, First Reported The zero-day difference is because the company’s billing system has been infected by ransomware, so it cannot track fuel allocations and bill customers.

Advocates of zero tolerance for ransom payments hope that the voluntary closure of the Colony Pipeline Company is a sign of the company’s refusal to pay. report It was stated on Wednesday that the company had a persistent plan, but there were many follow-up reports on Thursday, Bloomberg leader, Confirming that a ransom of 75 bitcoins has been paid. Colonial Pipeline did not respond to WIRED’s payment request. It is not clear whether the company paid the ransom shortly or a few days after the attack, as fuel prices increased and gas station lines increased.

Brett Callow, a threat analyst at the antivirus company Emsisoft, said: “I can’t say I’m surprised, but it’s certainly disappointing.” “Unfortunately, this will help make America’s critical infrastructure Providers stand out. If an industry proves to be profitable, they will continue to work hard.”

In a briefing on Thursday, White House Press Secretary Jen Pskai generally emphasized that the US government encourages victims to not pay. Others in the Obama administration were even more impressed. “Colonial is a private company, and we will postpone their decision to pay them a ransom,” Anne Neuberger, deputy national security adviser for Internet and Emerging Technologies, said at a press conference on Monday. She added that ransomware victims “face a very difficult situation. When they have no choice but to pay the ransom, they often have to strike a balance between cost and benefit.”

Researchers and policy makers have been working hard to provide comprehensive guidance on ransom payment issues. If every victim in the world suddenly stops paying the ransom and insists firmly, the attack will stop quickly because there is no incentive to induce criminals to continue committing crimes. The researchers say that coordinating a mandatory boycott seems impractical and could lead to more payments in secret.Be the ransomware gang Evil company attacked Garmin last summer, the company Ransom was paid through an intermediary. It is not uncommon for large companies to use middlemen to make payments, but Garmin’s situation is particularly noteworthy because Evil Corp has been sanctioned by the US government.


Source link