The hacker group blamed for this weekend's ransomware attack on the Colonial petroleum pipeline has said it simply wanted to make money and regretted “creating problems for society”.
In a statement posted on Monday, the criminal group known as Darkside said it was “apolitical” and tried to pin the blame for the attack on “partners” who had used its ransomware technology.
The hack took a key U.S. oil pipeline offline for three days, threatening to raise fuel prices and forcing the U.S. government to bring in emergency powers to keep supplies flowing.
“Our goal is to make money, and not create problems for society,” says Darkside.
Ransomware attacks involve hackers seizing control of a company’s data or software systems, using encryption to keep the owners locked out until they pay.
Darkside emerged as a top-tier ransomware outfit last August and is believed to be run from Russia by an experienced gang of online criminals. Silicon Valley-based cyber security company CrowdStrike attributes Darkside to the criminal hacking group known as Carbon Spider, which last year “dramatically overhauled their operations” to focus on the fast-growing field of ransomware.
“We’re a new product on the market, but that doesn’t mean we have no experience and that we came from nowhere,” Darkside said earlier.
Brett Callow, an analyst at cybersecurity group Emsisoft, said: “Darkside does not eat in Russia. It checks the language used by the system and exits without encrypting if it is Russian.”
He added that the group rents out its services on the dark web. “Darkside is a ransomware-as-a-service operation. I assume that the attack on Colonial was carried out by an affiliate and that the group is concerned about the level of attention it has received.”
In a sign of how ransomware has become a professionalised industry, Darkside runs its own “press office” and claims to take an ethical approach to picking its targets. Darkside’s website claims that “based on our policies” it will refrain from attacking medical institutions such as hospitals, care homes and vaccine developers; funeral service providers; schools and universities; and non-profit organisations and government agencies.
This stands in stark contrast to the rest of the ransomware industry, for which healthcare providers and the public sector are among the biggest targets. Colonial Pipeline is a private company co-owned by investors including Shell, KKR and Koch Capital.
Kaspersky, an IT security firm, said Darkside’s goal was to “generate as much online buzz as possible.”
“The more media attention, the more widespread fear of Darkside, the greater the likelihood that subsequent victims will simply decide to pay rather than create problems,” said Kaspersky researcher Roman Dedenok in a recent blog post.
Previous targets include property group Brookfield; Discountcar.com, a Canadian subsidiary of car rental group Enterprise; and US-based IT support provider CompuCom, owned by Office Depot’s parent company.
Arete, an incident response provider for victims of cyber crime, found that Darkside often targets professional services and manufacturing companies, with ransom demands ranging from $3m to $10m, although security news site Bleeping Computer found evidence of ransoms of several thousand dollars.
In an email interview with security blog DataBreaches.net, a Darkside representative calling himself “DarkShop” said that before deciding on the amount of ransom to demand, the group works out how much its target could pay, for example by looking at its insurance coverage.
“We only attack companies that can pay the requested amount,” Darkside said earlier. “We don’t want to kill your business.”
According to a screenshot of a ransom note published by Bleeping Computer, Darkside sends each target a clear list of instructions titled “Welcome to Darkside”. Specific details and samples of the stolen information are presented, and victims are warned that if they refuse to pay, these will be published online for at least six months. This strategy of both locking victims out of their systems and threatening to embarrass them by making stolen data public is known as “double extortion”.
Darkside hackers try to reassure their victims that they will play by their own rules, saying: “We value our reputation. If we do not do our job and responsibility, no one will pay us.” Once their victims pay, the group even offers to provide technical support “in case of problems” using its decryption tool.
Ransomware attacks increased by 62 percent last year, according to firewall developer SonicWall, with more than 200m hits in the United States. This was driven in part by the pandemic, as businesses forced out of their offices struggled to protect their remote employees, as well as by the rise of bitcoin, in which many hackers demand payment. A recent survey by insurance group Hiscox found that more than half of those targeted by ransomware paid.