May 10, 2021
A few days ago, cyber criminals hacked into one of the largest oil pipelines in the US, which halted operations after its corporate IT network was knocked offline. If the engineers don't fix the system on their own or the owners cough up the ransom that the hackers are demanding, millions of Americans will soon feel the heat of cybercrime in their daily lives, through higher prices at the gas pump.
Who pulled off this attack, and what does it tell us about the vulnerability of critical infrastructure and the rules (or lack thereof) in cyber conflict today?
The culprit. The US government has blamed the Colonial Pipeline cyberattack on DarkSide, a relatively new group of veteran hackers from Eastern Europe famous for bragging about its exploits online, and leaking data dumps from victims who don't pay up. The DarkSiders style themselves as Robin Hoods of the hacker world, donating (a minuscule) part of their profits to global NGOs such as Children International and The Water Project. But this time they may have bitten off a bit more than they can chew.
DarkSide issued on Monday a rare apology for creating "problems" to society, insisting they only want money and are not at all interested in politics, although they do seem to avoid former Soviet bloc nations. That's common for cyber criminals based in these countries, whose governments will look the other way as long as hackers target victims outside their borders.
One of those governments is that of Russia, with a long history of outsourcing its dirty cyber work to unscrupulous hackers. Joe Biden says there's no evidence that the Kremlin was involved this time, but does have "some responsibility."
The problem. The fact that a bunch of geeks armed with laptops shut down a pipeline that serves 45 percent of America's oil refineries shows that US critical infrastructure is a lot more vulnerable to cyber-extortion than we'd like to think. And the Biden administration's $2 trillion plan to upgrade US infrastructure across the board turns cybersecurity into an even more urgent concern.
As always, the pandemic has made everything worse. Ransomware attacks — and cybercrime in general — have boomed in COVID times, largely as a result of IT systems that became more vulnerable when companies rushed to adapt them for remote access. Moreover, hackers are now targeting bigger firms for a lot more money thanks to the rise of cryptocurrencies, which make it easier for them to get paid and harder to trace.
Ransomware attacks are particularly problematic for companies and countries because they are forced to make a tough choice: pay off hackers and risk encouraging further such attacks, or hold out and take the economic or social disruption on the chin.
The response. The Colonial Pipeline hack shows how cyberattacks can do severe damage to a country by disrupting critical infrastructure. But as we've written before, these types of operations are hard to prevent, and even harder to attribute and respond to.
So far, the US government has declared a state of emergency to keep the oil flowing to the Eastern Seaboard. But at this point it can't do much more to stop the hackers, or hold them responsible for a brazen attack that would otherwise be considered an act of war against America. It can't even prevent the corporation from paying the cryptocurrency ransom.
What it can do mostly depends on whether a foreign government was involved, or aware of what DarkSide was cooking. If that's confirmed later on, the US may want to hit that country harder than with the usual economic sanctions. There could even be political pressure to respond proportionately in cyberspace — perhaps with a similarly damaging attack. And when the cyber gloves are off, things could get very bad, very fast.From Your Site Articles
- Panel: Working together to protect cyberspace - GZERO Media ›
- Impact of Microsoft hack deepens; why cyber attacks target ... ›
- The invisible threat to global peace - GZERO Media ›
- DarkSide hack reveals risk of ransomware cyberattacks - GZERO Media ›
- Is a Huawei ban possible in Brazil? Poly Network cryptocurrency heist - GZERO Media ›
- Panel: Working together to protect cyberspace - GZERO Media ›
- Spyware concerns prompt US Congress to move toward sanctions - GZERO Media ›
- Constant Russian attacks on Ukraine in cyberspace - GZERO Media ›
- Russian cyber attack could trigger NATO’s Article 5, warns NATO Deputy Secretary General - GZERO Media ›
- How Russian cyberwarfare could impact Ukraine & NATO response - GZERO Media ›
- "We're identifying new cyber threats and attacks every day" – Microsoft’s Brad Smith - GZERO Media ›
- How Russian cyberwarfare could impact Ukraine & NATO response - GZERO Media ›
- Podcast: Protecting the Internet of Things - GZERO Media ›
- How North Korea trains its “cyber soldiers” - GZERO Media ›
- Biggest cybersecurity threat to watch in 2022 - GZERO Media ›
- Biden likely to push Putin on cybersecurity in Geneva meeting - GZERO Media ›
- Russian hackers' arrests timing likely just coincidence, says Ukraine analyst - GZERO Media ›
More For You
- YouTube
GZERO World with Ian Bremmer is returning to your screens this week, kicking off Season 9 in a summer of sweltering global tensions. The United States is celebrating its 250th birthday, a war has reshaped the Middle East, AI is forcing humanity to confront profound ethical choices, and democracies around the world are bracing for what comes next. Host Ian Bremmer is here to make sense of it all.
Most Popular
As America approaches its 250th anniversary, Bank of America is investing in the legacy of leadership — committing $5M to the Theodore Roosevelt Presidential Library and conserving 110 presidential portraits at the Smithsonian National Portrait Gallery, so the history of leaders who defined our nation is preserved for generations to come. Learn more here.
- YouTube
In his latest “ask ian,” Ian Bremmer says the US and China should use their growing engagement to address two major global challenges where cooperation could have an outsized impact: the war in Ukraine and the risks posed by artificial intelligence.
The trade bloc is also reducing its quota of tariff-free steel imports, as trade tensions mount with Beijing.
© 2025 GZERO Media. All Rights Reserved | A Eurasia Group media company.
