Would you pay a cyber ransom?

Would you pay a cyber ransom?
Paige Fusco

A few days ago, cyber criminals hacked into one of the largest oil pipelines in the US, which halted operations after its corporate IT network was knocked offline. If the engineers don't fix the system on their own or the owners cough up the ransom that the hackers are demanding, millions of Americans will soon feel the heat of cybercrime in their daily lives, through higher prices at the gas pump.

Who pulled off this attack, and what does it tell us about the vulnerability of critical infrastructure and the rules (or lack thereof) in cyber conflict today?

The culprit. The US government has blamed the Colonial Pipeline cyberattack on DarkSide, a relatively new group of veteran hackers from Eastern Europe famous for bragging about its exploits online, and leaking data dumps from victims who don't pay up. The DarkSiders style themselves as Robin Hoods of the hacker world, donating (a minuscule) part of their profits to global NGOs such as Children International and The Water Project. But this time they may have bitten off a bit more than they can chew.

DarkSide issued on Monday a rare apology for creating "problems" to society, insisting they only want money and are not at all interested in politics, although they do seem to avoid former Soviet bloc nations. That's common for cyber criminals based in these countries, whose governments will look the other way as long as hackers target victims outside their borders.

One of those governments is that of Russia, with a long history of outsourcing its dirty cyber work to unscrupulous hackers. Joe Biden says there's no evidence that the Kremlin was involved this time, but does have "some responsibility."

The problem. The fact that a bunch of geeks armed with laptops shut down a pipeline that serves 45 percent of America's oil refineries shows that US critical infrastructure is a lot more vulnerable to cyber-extortion than we'd like to think. And the Biden administration's $2 trillion plan to upgrade US infrastructure across the board turns cybersecurity into an even more urgent concern.

As always, the pandemic has made everything worse. Ransomware attacks — and cybercrime in general — have boomed in COVID times, largely as a result of IT systems that became more vulnerable when companies rushed to adapt them for remote access. Moreover, hackers are now targeting bigger firms for a lot more money thanks to the rise of cryptocurrencies, which make it easier for them to get paid and harder to trace.

Ransomware attacks are particularly problematic for companies and countries because they are forced to make a tough choice: pay off hackers and risk encouraging further such attacks, or hold out and take the economic or social disruption on the chin.

The response. The Colonial Pipeline hack shows how cyberattacks can do severe damage to a country by disrupting critical infrastructure. But as we've written before, these types of operations are hard to prevent, and even harder to attribute and respond to.

So far, the US government has declared a state of emergency to keep the oil flowing to the Eastern Seaboard. But at this point it can't do much more to stop the hackers, or hold them responsible for a brazen attack that would otherwise be considered an act of war against America. It can't even prevent the corporation from paying the cryptocurrency ransom.

What it can do mostly depends on whether a foreign government was involved, or aware of what DarkSide was cooking. If that's confirmed later on, the US may want to hit that country harder than with the usual economic sanctions. There could even be political pressure to respond proportionately in cyberspace — perhaps with a similarly damaging attack. And when the cyber gloves are off, things could get very bad, very fast.

More from GZERO Media

A 3D-printed miniature model depicting US President Donald Trump, the Chinese flag, and the word "tariffs" in this illustration taken on April 17, 2025.

REUTERS/Dado Ruvic

The US economy contracted 0.3% at an annualized rate in the first quarter of 2025, while China’s manufacturing plants saw their sharpest monthly slowdown in over a year. Behind the scenes, the world’s two largest economies are backing away from their extraordinary trade war.

A photovoltaic power station with a capacity of 0.8 MW covers an area of more than 3,000 square metres at the industrial site of the Chernobyl Nuclear Power Plant, Kyiv region, Ukraine, on April 12, 2025.
Volodymyr Tarasov/Ukrinform/ABACAPRESS.COM

Two months after their infamous White House fight, the US and Ukraine announced on Wednesday that they had finally struck a long-awaited minerals deal.

Indian paramilitary soldiers patrol along a road in Srinagar, Jammu and Kashmir, on April 29, 2025.
Firdous Nazir via Reuters Connect

Nerves are fraught throughout Pakistan after authorities said Wednesday they have “credible intelligence” that India plans to launch military strikes on its soil by Friday.

Palestinian Hamas and Islamic Jihad fighters form a human chain in front of the crowd gathered near the family home of slain Hamas leader Yahya Sinwar, where the Hamas militant group prepares to hand over Israeli and Thai hostages to a Red Cross team in Khan Yunis, on January 30, 2025, as part of their third hostage-prisoner exchange..
Photo by Majdi Fathi/NurPhot

Israel hunted Yahya Sinwar — the Hamas leader and mastermind of the Oct. 7 attack — for over a year. He was hidden deep within Gaza’s shadowy tunnel networks.

A gunman stands as Syrian security forces check vehicles entering Druze town of Jaramana, following deadly clashes sparked by a purported recording of a Druze man cursing the Prophet Mohammad which angered Sunni gunmen, as rescuers and security sources say, in southeast of Damascus, Syria April 29, 2025.
REUTERS/Yamam Al Shaar

Israel said the deadly drone strike was carried out on behalf of Syria's Druze community.

Britain's King Charles holds an audience with the Prime Minister of Canada Mark Carney at Buckingham Palace, on March 17, 2025.

Aaron Chown/Pool via REUTERS

King Charles is rumored to have been invited to Canada to deliver the speech from the throne, likely in late May, although whether he attends may depend on sensitivities in the office of UK Prime Minister Keir Starmer.

Getting access to energy, whether it's renewables, oil and gas, or other sources, is increasingly challenging because of long lead times to get things built in the US and elsewhere, says Greg Ebel, Enbridge's CEO, on the latest "Energized: The Future of Energy" podcast episode. And it's not just problems with access. “There is an energy emergency, if we're not careful, when it comes to price,” says Ebel. “There's definitely an energy emergency when it comes to having a resilient grid, whether it's a pipeline grid, an electric grid. That's something I think people have to take seriously.” Ebel believes that finding "the intersection of rhetoric, policy, and capital" can lead to affordability and profitability for the energy transition. His discussion with host JJ Ramberg and Arjun Murti, founder of the energy transition newsletter Super-Spiked, addresses where North America stands in the global energy transition, the implication of the revised energy policies by President Trump, and the potential consequences of tariffs and trade tension on the energy sector. “Energized: The Future of Energy” is a podcast series produced by GZERO Media's Blue Circle Studios in partnership with Enbridge. Listen to this episode at gzeromedia.com/energized, or on Apple, Spotify,Goodpods, or wherever you get your podcasts.