The data claimed to have been stolen was in the gigabytes per organization. The DarkSide ransomware group maintains a TOR onion web page where it lists over two dozen victims in the construction, dental, energy, gaming, insurance, power, and property verticals, amongst others. The modus operandi of the group is similar to that of several ransomware groups that follow the data leak extortion model, in which they threaten to publish confidential stolen data and documents on the dark web if victims fail to comply.

According to multiple sources, only information systems were affected, and not industrial control systems (ICS). The pipeline spans from Texas to New Jersey and was shut down as a precautionary measure while assessments were being made. Reports have surfaced over the weekend that the ransomware attack is attributed to the DarkSide ransomware group.

FortiGuard Labs is aware of reports of a ransomware attack on the largest refined petroleum pipeline in the United States, Colonial Pipeline.

Editorial Update 5/11 - In a joint advisory, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) urge critical infrastructure (CI) asset owners and operators to adopt a heightened state of awareness based on the attack. There is no new information relating to the attack itself, nor are there any indicators of compromise (IOCs) associated with the attack, but they encourage organizations to implement the recommendations they list in the Mitigations section of the advisory.