US President Joe Biden has revealed that Washington has been in direct contact with Moscow discussing the attack on Colonial Pipeline by the members of the DarkSide group, which is believed to consist of Russian-speaking or possibly Russia-based hackers. POTUS added that he also plans to raise the incident in talks with Russian President Vladimir Putin.
At the same time, Biden said he does not believe the Kremlin was involved in the attack on what is seen in the US as a piece of critical infrastructure, despite the alleged Russian background of the hackers.
The president noted, however, that he does not rule out retaliating for the hacker attack on the pipeline.
White House spokeswoman Jen Psaki separately stressed, in the wake of Biden's statement, that Russia still holds "some responsibility" for the cyber-attack.
"Certainly, the host, the country, where individuals are located, even as a criminal network, even, as he [President Joe Biden] confirmed that we don’t have information from our review process that suggests the [Russian] government was involved, there is still some responsibility", Psaki said.
Unconfirmed media reports in the wake of the cyber-attack, which put Colonial Pipeline out of operation for nearly a week, suggested that Washington suspected Moscow of being involved in the act. However, Russian authorities strongly rejected the claims, while the White House stated that it did not believe the Kremlin had anything to do with it.
pipeline resumes operation following hack
Biden further announced that Colonial Pipeline is currently returning to full operational capacity, after it was interrupted around 7 May by a massive ransomware attack. POTUS said that it will be restored to full capacity this weekend.
Bloomberg News reported earlier, citing anonymous sources, that the company operating the pipeline had paid $5 million to the hackers in order to unlock the infected computers, despite Colonial previously claiming it would not pay the ransom. Colonial Pipeline has declined to comment on Bloomberg's report.
The creators of the ransomware used in the attack, DarkSide, reportedly commented on the incident on their website, saying that they never intended to take down a piece of critical infrastructure with their software. They reportedly insisted that their only goal was to earn money and not create problems for society.
DarkSide, which only develops viruses and then allows third parties to use them in exchange for a share of the ransom, promised to better vet the targets of attacks when working with their affiliates, according to a report on the Bleepingcomputer tech news website.