A little over a week after the ransomware attack, the United States gave in to the ransom by paying $5 million. The news came from Bloomberg, whose report greatly increased its resonance. Let's retrace the facts: on Friday 7 May, the computer systems of the Colonial Pipeline were hit by ransomware. The Colonial Pipeline is America's largest pipeline and transports tons of diesel oil from one part of the country to the other every day. To avoid even more serious repercussions, the company opted for a drastic choice: the total shutdown of the systems. This action blocked the transport of crude oil for several days while the company attempted to restore full operation of the network.
Payment of the ransom by the United States
In the meantime, forensic investigation began, with the aim of identifying who was behind the attack. From the beginning, however, the Russian trail, which places the authors of the ransomware in the cybercriminal group DarkSide, seemed to be gaining ground. And so, six days after the attack, the payment of the ransom arrived: 5 million dollars in the hands of the attackers in order to receive the software (and the keys) necessary to decrypt the systems. Incidentally, however, it seems that the software released to make the pipeline operational again did not work very well. In fact, from what was reported in the press, it seems that the systems engineers resorted to the emergency backups they had at home.
In summary, in a week the attackers brought an infrastructure of national importance to its knees. The price of oil also rose sharply and some pumps experienced a temporary shortage of fuel. What's more, the alleged Russian hackers found themselves with $5 million in their pockets and left the Americans with systems to restore by hand. American President Joe Biden says he does not see Russia's will behind the attack but calls on the Russian President to step up his guard against criminal phenomena like this.
The new Colonial Pipeline case
Perhaps the most dramatic aspect, as reported by CyberScoop, was the payment of the ransom. It was clear how necessary it was to restore the pipeline to operation quickly, but also how much this action could have global repercussions. If, on the one hand, this has shown that it is in any case unwise to rely on criminals in cases like this, on the other it could have created a dangerous precedent.
Both the FBI and CISA had actually warned the company not to consider paying the ransom. Still, the payment took place and no one made any statements to explain what happened. What is worrying is the fact that hackers generally act by imitating other cybercriminal groups. Having had the example of how weak the infrastructure is and how easy it is to get all that money, the Colonial Pipeline could soon become a model of attack.
Of course, each of us hopes that this does not happen, not least because public infrastructure technology is often outdated and this could become a problem for every citizen. In fact, we are not only talking about the management systems of an oil pipeline but also, and above all, about petabytes of personal, health and fiscal data that public administrations keep in their archives.
Indeed, we live more and more in a society founded on data, and every day companies and public administrations work with data. What still needs to be understood is how much data is an asset not only to be exploited economically but above all to be safeguarded. At that point we will be able to start a new technological season in defense of our data.