The Colonial Pipeline Hackers Say They Just Wanted Money, Not Chaos

If they’re looking for enduring happiness, they won’t find it in their extortion games.

ScottCDunn

--

I’ve noticed in the last week or so, that gas prices sure seemed high for this early in the year. It wasn’t until I had read the news of the Colonial Pipeline hack on the east coast, that I understood why. The hacker group, The Dark Side had installed ransomware on servers owned and operated by a pipeline company, encrypting files and making life difficult for millions of people.

I heard that The Dark Side had managed to shut down 45% of the nation’s oil supply with one hack. This of course spiked gas prices and caused more than a thousand gas stations to run out of gas. The Dark Side has managed to extract $5 million from their victim, and supposedly, after they got their money, they released the data for their victims. I have heard that this ransomware business is growing because people are paying to get their data back.

Then I heard that The Dark Side apologized. How nice of them to apologize. “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” I guess their expectations were pretty low. They didn’t think that upending business operations at a company that transports 45% of the nation’s oil supply would be too inconvenient for other people who actually work for a living.

I think we can summarize what The Dark Side did in very simple terms. Create a crisis. Extract money from the crisis. Resolve the crisis. Throughout the entire process, nothing of value was created, but boy, did they make some money. They will take that money to upskill their team. They will buy better ransomware, too. They will build better social engineering skills so that they can go after bigger targets for even more money. I bet they’re gonna be high for a week after getting paid so well for creating almost nothing.

The victim, Colonial Pipeline, will have learned a nasty lesson. They will be lighter somewhat in the pocketbook. They probably have business continuity insurance to keep things going, and to cover their losses. The insurance company will pay, and their investigators will try to track down the path that the money took to get to the recipients. Colonial paid the Dark Side 75 bitcoin, or about $5…

--

--