Russian Criminal Group Suspected Over Cyberattack That Forced Shutdown of Top U.S. Pipeline


The White House has declared a state of emergency and is mobilizing amid reports that a criminal organization originating from Russia was responsible for a cyberattack against a major American fuel pipeline.

The Colonial Pipeline Company was hit by a ransomware attack over the weekend that shut down its network and disrupted its system to transport fuel through the southern and eastern states. The company took several of their systems offline to contain the damage against their operations and IT systems, plus they’ve hired a cybersecurity firm to investigate the attack.

“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the company said in a statement obtained by NBC News. “This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”

Multiple reports have attributed the attack to DarkSide, a relatively new collective of Russian hackers who steal data from victims, put it up for ransom, and engage in other kinds of cyber extortion. Commerce Secretary Gina Raimondo was asked about the attack’s impact on Face The Nation, and she said the matter was a “top priority” for the Biden administration.

“It’s an ‘all hands on deck’ effort right now,” said Raimondo. “We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply.”

The latest reporting is that the Energy Department is working with the FBI and the Department of Homeland Security to lead the government’s response.

UPDATE – 1:05 a.m. ET: the FBI has affirmed DarkSide’s involvement in the hack.

Watch above, via CBS.

Have a tip we should know?

Filed Under: