OPINION - Ransomware Groups Unlikely To Attack Critical Infrastructure After Colonial Pipeline
Fahad Shabbir (@FahadShabbir) Published May 18, 2021 | 02:42 PM
MOSCOW (UrduPoint News / Sputnik - 18th May, 2021) Hacking groups using ransomware to extort money from commercial companies are unlikely to target critical infrastructure like the Colonial Pipeline in the future, after the devastating social disruptions the attack on the key US pipeline caused last week, an expert specializing in tracing such groups told Sputnik.
A ransomware group known as DarkSide was identified by the Federal Bureau of Investigation as the culprit behind the hacking attack on the Colonial Pipeline last week. The company was forced to shut down operations of the pipeline in response to the attack, which triggered major gas shortages in a number of US states along the country's southeastern coast.
One week before the attack on the Colonial Pipeline, another ransomware group known as Babuk said it had stolen 250 gigabytes of data from the Washington DC police department and demanded as much as $4 million in ransom payment.
According to research from DarkTracer, a Darkweb Criminal Intelligence Profiling Investigation Platform, ransomware groups like DarkSide began to leak internal data from victim companies on the Darkweb as early as May 2019.
The latest attacks from DarkSide and Babuk were just the most recent high-profile cases that made news headlines because of their massive social impact.
However, as those ransomware groups are profit-driven, the media attention and the serious social consequences of the recent attacks may dissuade such groups from targeting similar critical infrastructure in the future, a member of the DarkTracer team, who only wished to be identified as "Director Hu" due to the sensitive nature of the issue, told Sputnik.
"We believe that general criminals like ransomware groups including Darkside would be unwilling to attempt such big attacks that are large enough to paralyze critical infrastructure. We are expecting attacks on infrastructure by small-medium ransomware group will decrease due to the social pressure," Hu said.
After the Colonial Pipeline attack grabbed news headlines around the world, the DarkSide group issued a statement on its website stressing that the group was not interested in geopolitics or causing major social disruptions.
"We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives. Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future," the statement said.
Nevertheless, state-backed hackers would still be willing to attack critical infrastructure and lead a target nation to a standstill, Hu added.
The DarkSide group's website went offline last week, after the reported $5 million payout. According to an internet security researcher identified as Russian OSINT, the group lost access to its blog, payment server and DOS servers after the attack on the Colonial Pipeline.
In order to quickly resume its operations and halt the gas shortage, the Colonial Pipeline Company reportedly paid the DarkSide group $5 million in ransom payment.
Hu suggested that such a high payout could encourage more ransomware groups to become more active.
According to the data compiled by DarkTracer, a total of 34 ransomware groups have stolen data from 2187 victim organizations since May 2019.
"Currently, 2 of 34 ransomware groups had seized by law enforcement, while 4 of 34 has retired and ceased activities on their own," Hu said.
According to Hu, April became the most active month for the ransomware groups, when ransom activities increased significantly in some groups and several new groups appeared.
The most active group in April was a group known as Avaddon, which has attacked 132 victim companies.
The ransomware groups usually run a website on the Darkweb with a domain name ending with .onion, which is an anonymous service that is only accessible through the famous Tor Project.