What is your take on the Colonial Pipeline ransomware attack?

SenseiSteve

HD Moderator
Staff member
For reference, see https://www.newsmax.com/newsfront/hack-ransomware-computers-darkside/2021/05/15/id/1021508

Should Colonial have paid 5 million in cryptocurrency to meet Darkside's demand, or no? Seeing that Colonial had backups and had to use them to expedite restoring their services, were they basically forced to give in to paying Darkside to come back online, given the severity of the shutdown? I can't fathom living in the affected areas of the USA paying $6.99 per gallon IF their local gas station even had gas.
 
I have issues with it myself, especially a large utility.

I find it hard to believe that the facility didn't have a redundant system to kick online just in case. The restoration of backups - yes, it takes a while, but days? Seems like something else was going on.

The group who did the ransomware I think were out of their league too. I don't think they actually thought everything would shut down for several days - and from places I've been reading, that's probably why they asked for such a low ransom too.

I think there was more going on. Politically motivated? Financially motivated? Who knows - but it doesn't make sense that such an infrastructure would be vulnerable at a single source like that. Talk about a terrorist trial run!!
 
Just read today that Colonial paid them 4.4 million and had no reservations paying it for the good of the country.
 
Yup, and the Bitcoin was tracked, and the hacking group has now disbanded (for whatever that is worth). I'm guessing they just changed their name to a new name :)
 