Colonial Pipeline cyberattack
May 10, 2021 - A double-extortion attack that has shut down the Colonial Pipeline -- America’s most extensive refined fuel network -- is the most successful cyberattack to date on critical U.S. infrastructure.
The Colonial Pipeline Company, which manages 45 per cent of the U.S. east coast’s fuel supplies, was forced to suspend 8,850 kilometres (5,500 miles) of pipeline between Texas and New Jersey after falling victim to a double-extortion scheme carried out by the DarkSide ransomware group.
Double-extortion ransomware attacks surged in 2020. The tactic involves threat actors stealing data from organizations in addition to encrypting files. As well as demanding a ransom to decrypt data, attackers can later threaten to leak or sell the stolen information.
Cybersecurity firm Emsisoft found that U.S.-based governments, healthcare facilities and schools were hit by more than 23,600 ransomware attacks in 2020.
Emsisoft said the amount paid by ransomware victims in just ten countries reached about $2.6 billion last year. The average ransom paid by organizations in 2020 was more than $37,000.
Globally, a minimum of $18 billion was paid in ransoms, while the cost of downtime in the private and public sectors added billions more in fees.
Anne Neuberger, the Biden administration’s deputy national security adviser for cybersecurity and emerging technology, told The Associated Press that the government was supporting electric utilities, water districts, and other critical industries against potentially damaging cyberattacks.