Colonial Pipeline, the country’s largest fuel pipeline, was forced to shut down operations after being hit by ransomware.
The Colonial Pipeline exports refined petroleum products from Gulf Coast refineries to markets in the southern and eastern United States. Via its 5,500-mile pipeline, the company pumps 2.5 million barrels a day, accounting for 45 percent of all fuel consumed on the East Coast.
Colonial Pipeline was hit by ransomware, according to CNBC, and the company had to shut down the entire network to prevent the malware from spreading.
The company confirmed the attack and announced that, in order to contain it, it had taken some systems offline and temporarily suspended all pipeline operations.
They’ve enlisted the help of a reputable third-party cybersecurity agency, and an investigation into the extent and severity of the incident has already begun.
According to the Washington Post, the attack is suspected to be the result of DarkSide ransomware activity.
When DarkSide gains access to a corporate network, it will spread to other devices while collecting passwords and stealing unencrypted data, similar to other enterprise-targeting ransomware operations.
Once the attackers have access to Windows domain passwords, they can use the ransomware to encrypt devices across the network.
If DarkSide was behind the attack, they most likely stole data that will be used to extort money from Colonial Pipeline in the form of ransom demands.
Attacks on CompuCom, Discount Car and Truck Rentals, and Brookfield Residential are a few of the high-profile assaults carried out by the DarkSide gang in the past.
Earlier this month, the REvil ransomware gang targeted Quanta and threatened to leak Apple product blueprints.