Colonial Pipeline attack: Russia denies involvement as planes are rerouted amid feared gas shortage

Fallout from cyberattack continues as hacking incident takes on geopolitical dimension

Andrew Naughtie
Tuesday 11 May 2021 16:57

FBI identifies group who ‘hacked’ pipeline

Leer en Español

As the US reckons with the potential impact of a ransomeware attack on one of its largest fuel delivery systems, Russia has denied any role in the hack that effectively shut the pipeline down.

The Colonial Pipeline was hit on Friday by an attack that saw 100GB of its data stolen and many of its computer systems locked pending the payment of a ransom to the hackers. The size of the ransom has not been made clear, and nor is it known whether the company has paid it or intends to.

Kremlin spokesman Dmitry Peskov was emphatic in his denial of any Russian involvement. “Russia has nothing to do with these hacking attacks. Russia didn’t have anything to do with hacking attacks that had taken place earlier. We categorically don’t accept any accusations against us in this regard.”

President Joe Biden on Monday stopped short of accusing Russia of any role in the event, though he made clear he would be having words with his Moscow counterpart about it. “I’m going to be meeting with President Putin,” Mr Biden said, “and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there is evidence that the actors, ransomware, is in Russia.

"They have some responsibility to deal with this.”

DarkSide, the group of ransomware attackers named by the FBI as the aggressor, has a reputation for the unusually professional approach it takes to its attacks. In statements put out via its site on the dark net, it has said it’s not motivated by a political agenda and is purely interested in money – and that it will never attack medical, educational, or non-profit organisations.

However, one cybersecurity firm that has reverse-engineered the group’s malware says that it “will check device language settings to ensure they don’t attack Russia-based organisations”, and that the group is known to have actively recruited Russian-speaking partners.

The Kremlin has been blamed by the White House for a major attack in December 2020, the so-called SolarWinds hack that penetrated deep into scores of government and private sector systems, including the Treasury and Commerce departments.

That hack was such a serious incursion that the incoming Biden administration slapped Russia with new sanctions in response, not only expelling certain Russian diplomats and targeting certain individuals’ but also making it harder for the Russian government to borrow.

The White House admitted late on Monday that fuel concerns following the pipeline hack are very much ongoing. Gas stations from Virginia to Florida have reported running out of fuel, and the governor of North Carolina has declared a state of emergency to ensure that drivers have access to enough fuel in case of a shortage to come.

Worries of a rise in fuel prices are particularly acute given the approach of Memorial Day weekend, when millions of Americans are planning to travel by car – many for their first bona fide vacation trips in as much as a year amid the coronavirus pandemic.

The outage’s effects are also extending to airlines. The Colonial Pipeline supplies fuel to several of the East Coast’s major airports, and the anticipated drop in supply after the hack has led carriers to introduce new stops on long routes to allow refuelling at unaffected airports.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in