On May 7, the IT systems of the pipeline’s vital infrastructure, which transits fuel between the Gulf Coast and the New York Harbor area, were attacked with ransomware, causing Colonial to temporarily suspend all operations.
America’s Federal Bureau of Investigation (FBI) has blamed DarkSide, a cybercriminal group that has hacked numerous companies. Ransomware is a form of software that encrypts a victim’s files, holding them hostage until a ransom is paid.
“So far there is no evidence based on, from our intelligence people, that Russia is involved, though there is evidence that the actors’ ransomware is in Russia,” Biden said on Monday. “They have some responsibility to deal with this.”
Speaking to Moscow-based news agency TASS, Kremlin spokesman Dmitry Peskov denied Russia is in any way involved in the attack. “Russia has nothing to do with this,” he said, noting that Moscow has been very willing to work with Washington, but “the US refuses to cooperate in countering cybercrime.”
His statement was later backed up by the Russian Embassy in the US, which published a rebuttal to the accusations.
DarkSide is thought to have stolen 100GB of data from Colonial, in what has been dubbed “the largest successful cyberattack on oil infrastructure in the country's history.”
Based in the US state of Georgia, Colonial Pipeline is an energy transport system that carries gasoline, diesel and jet fuel around America. It made headlines last year when it was responsible for one of the country's largest-ever spills from a pipeline, when 1.2 million gallons leaked into a North Carolina nature preserve.