“Terribly sorry for all the trouble” is more or less what Darkside said after their ransomware infected and paralysed a US oil pipeline last month.
What they actually said, via a press release, was that their goal is to make money, not to create problems for society.
Problems are exactly what they created, and they elevated the threat of all-out cyber war, and its consequences, to a whole new level.
The Colonial pipeline is a 5,500-mile-long network that pumps 2.5 million barrels of oil daily from the Texan gulf coast, up the Eastern seaboard of the US as far as New York. It supplies 45% of the oil, gasoline and jet fuel for the region. It supplies government contractors, airports and military sites, as well as keeping gas stations for the general public topped up.
Cyber criminal gang Darkside managed to switch it off for five days. Despite what you might think, it’s not a burly Texan with a hard hat and a giant wrench that turns pipelines on and off these days, but complex software that controls and maintains this colossal chunk of engineering. Darkside penetrated the system with complicated malicious ransomware that locks up the operating systems and demands that a ransom be paid, often via untraceable Bitcoin transfers. If you don’t pay, or the deadline to do so expires, vital files are deleted, or sensitive information is published on the darker bits of the internet. The disruption was virtually instant, ranging from supply problems and panic buying by drivers, to the re-routing of aircraft to chase dwindling fuel supplies, to the mobilisation of road and marine tankers to try to fill the empty tanks. Fuel price rises and drops in stock market indices followed.
It’s a growing business. Already in 2021 more than 100 American entities have been hit, costing around $75 billion in ransoms or disruption to business. It seems to be getting easier, and more sophisticated. With many people working from home for the last year, data networks are now being accessed from outside the workplace: spare rooms, garden shed offices and coffee shop wifi are all now being used to access the critical networks that run companies and handle precious data. The increased vulnerabilities are a rich hunting ground for would-be bad guys. The increased connectivity of ‘the internet of things’ that is right around the corner, as 5G allows more things to talk to more other things, will increase vulnerability yet further.
Darkside operate a complicated ‘business’ model themselves and don’t appear to be too shy about talking about it.
They say that they don’t actually do the hacking themselves, but operate a franchise-style operation. They develop the customised ransomware and then license it to outsourced baddies in return for a fee, or a cut of the ransom.
The FBI and other cyber crime investigators around the globe are not completely clear where Darkside is based, or who it is working for, but it seems likely that they are operating from Russia, or another former Soviet nation. Darkside, the Kremlin, and President Biden were all quick to dismiss links to the Russian government. I’m not about to go pointing the finger in print, and I suspect the editor wouldn’t want me to, but it is difficult to see that a Russian group attacking critical US infrastructure wasn’t doing so with at least the tacit approval of the state.
To drag this kicking and screaming into a nautical reference, it’s a modern-day reworking of the 16th century days of piracy in the Caribbean. Spain was doing a roaring trade in extracting gold and silver from the Americas, enriching itself and becoming a military threat to England. The English navy could not possibly be seen to be engaging with the Spanish treasure ships directly without risking a diplomatic incident and rapid escalation, but should the Spanish ships fall victim to nasty pirates it would be mighty convenient. So-called ‘privateers’ like Francis Drake stole lavishly from the Spanish, with the tacit approval of the English throne, on the maxim that my enemy’s enemy is my friend.
It’s long been postulated, but it is increasingly obvious that future conflicts are likely to be played out this way, and perhaps via the proxies of these modern-day privateers, but with less rum, and a more savvy media engagement.
By Phill McCoffers – The Islander Economics Correspondent