Meanwhile, “apolitical” DarkSide hackers “didn’t mean to create problems.”
In response to the Colonial Pipeline shut-down in the wake of a ransomware cyber-attack, the Federal Motor Carrier Safety Administration issued a regional emergency declaration in 17 states and the District of Columbia.
The regional emergency declaration from the Department of Transportation lifts restrictions for motor carriers and drivers who are providing assistance to areas that are suffering shortages of “gasoline, diesel, jet fuel, and other refined petroleum products” in the wake of the Colonial Pipeline shutdown.
The regional emergency declaration affects the following territories: Alabama, Arkansas, the District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
The declaration grants drivers and carriers relief from “Parts 390 through 399 of Title 49 Code of Federal Regulations except as restricted herein.”
These regulations are reinstated once a driver or commercial motor vehicle is used for interstate commerce that does not provide assistance to help the shortage.
The FBI confirmed that a criminal gang known as DarkSide compromised Colonial Pipeline’s networks.
“Our goal is to make money and not creating problems for society,” DarkSide wrote on its website.
…DarkSide posted a statement on its website on Monday, describing itself as “apolitical”.
“We do not participate in geopolitics, do not need to tie us with a defined government and look for… our motives,” the group said.
The group also indicated it had not been aware that Colonial was being targeted by one of its affiliates, saying: “From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
DarkSide is a relatively new group, but they have been on the radar of cybersecurity analysts for a while.
According to Boston-based Cybereason, DarkSide is an organized group of hackers set up along the “ransomware as a service” business model, meaning the DarkSide hackers develop and market ransomware hacking tools, and sell them to other criminals who then carry out attacks. Think of it as the evil twin of a Silicon Valley software start-up.
…Cybereason reports that DarkSide has a perverse desire to appear ethical, even posting its own code of conduct for its customers telling them who and what targets are acceptable to attack. Protected organizations not to be harmed include hospitals, hospices, schools, universities, nonprofit organizations, and government agencies. Also apparently protected are entities based in former Soviet countries. Fair game, then, are all for-profit companies in English-speaking countries.
DarkSide also maintains that it will donate a portion of its profits to charities, although some of the charities have turned down the contributions.
“No matter how bad you think our work is, we are pleased to know that we helped change someone’s life,” the hackers wrote. “Today we sended [sic] the first donations.”
Reports indicate that the hackers have experience and ties to Russia.
#DarkSide hackers behind Colonial Pipeline attack appear to be a new collective, but its members are likely experienced, veteran cyber criminals with links to Moscow @CBS_Herridge reports on the spectrum of attribution from state directed to tacit approval pic.twitter.com/NYwn8rQMgR
— Catherine Herridge (@CBS_Herridge) May 10, 2021
Meanwhile, Colonial Pipeline has reopened some smaller lines between terminals and delivery points, but its main pipeline network remained down with no set timeline for restoration.