Illustration. https://tinhtexaydung.petrotimes.vn According to GasBuddy, about 30% of all retail gas stations in North Carolina, South Carolina and George are out of gas. Virginia and Tennessee are also experiencing significant blackouts. Colonial Pipeline’s main pipeline transporting gasoline and diesel to the US East Coast has been shut down, following a ransomware attack earlier this month. More than a thousand fuel stations in the Southeast have run out of petrol and diesel due to panic buying and pipeline closures. Even people in Texas, in the Rio Grande Valley, are flocking to gas stations to fill up with fuel, when news of gas stations running out of fuel. Colonial Pipeline paid almost $5 million in ransom in the form of a cryptocurrency to the hackers. But 2 weeks after shutting down, some gas stations are still shutting down. In Georgia, according to AAA data, the average price of a gallon of regular retail gasoline was $2,944 as of May 20, up from $2,708 a month before the pipeline failure. In North Carolina, the average price for gasoline is $2,929 per gallon, compared with $2,627 a month ago. According to Reuters, U.S. gasoline consumption is nearing pre-pandemic levels and is now down just 4% in the four weeks since May 14 from the five-year pre-pandemic average. https://tinhtexaydung.petrotimes.vn

A Colonia Pipeline fuel station. Photo: Getty Images The US Department of Transportation’s guidance notice emphasizes that this decision is in response to emergency conditions, stemming from the need for immediate transportation of fuel items, to relieve problems related to supply scarcity. Colonial Pipeline on May 9 also said that many of the company’s main operating pipelines are still closed, but some small lines connecting the supply station and distribution point have returned to normal operation. On May 7, Colonial Pipeline was hacked with ransomware, a type of code that locks systems by encrypting data and demands a ransom to restore access. The attack caused Colonia Pipeline to shut down the entire pipeline network. Colonial Pipeline transports gasoline, diesel, jet fuel and other refined products from the Gulf of Texas to the densely populated East Coast of the United States through an 8,850-kilometer pipeline, serving 50 million customers. In areas affected by supply disruptions, fuel demand increased by 4% on May 8, prices also increased by more than 4.2%. The attack caused concern among US consumers about the scarcity of gasoline supplies if the problem is not fixed in time.

Colonial Pipeline transports 2.5 million barrels of fuel per day. Photo: Colonial Pipeline According to the BBC, the state of emergency allows fuel to be transported by road. The news agency quoted experts as saying that fuel prices could increase by 2-3% on May 10, but the real impact would be much worse if this situation continued for longer. Many sources confirm that the malicious code attack is caused by a cybercriminal gang called DarkSide, which infiltrated Colonial’s system on May 6 and stole nearly 100GB of data as a “hostage”. After taking over the data, the group of hackers locked this data on some computers and servers, demanded a ransom and warned that if they did not receive the money, they would release the data on the internet. Colonial is working with law enforcement, cybersecurity and the US Department of Energy to restore service. On the evening of May 9, the company announced that although the four main pipelines continued to stop, some smaller lines between the terminals and delivery points were still operating. “Immediately after learning of the attack, Colonial proactively shut down certain systems to stop the threat. These actions temporarily halted all pipeline operations and affected some systems. our information technology system, which we are actively working on restoring,” said Colonial. “We are in the process of restoring service to other pipelines and will bring the entire system back online when we believe it is safe and in full compliance with all federal regulations. “. The DarkSide message appears on the victim’s computer screen. DarkSide isn’t the largest cybercriminal gang in the field, but the incident demonstrates the heightened risk that malware poses to critical U.S. industrial infrastructure, not just businesses. This gang lists all types of stolen data and sends the victim the URL of the “personal leak site”, where the data is pre-loaded waiting for automatic publication, if the company or organization does not. payment before the deadline. DarkSide claims to provide proof of the data obtained, and is ready to delete all such data from the victim’s network. According to Digital Shadows, a London-based cybersecurity company that tracks global cybercrime groups to help businesses limit their risk of being hacked, DarkSide acts like a company.

The attack was one of the most disruptive digital ransom schemes reported, prompting US lawmakers to call for increased protection of America’s critical energy infrastructure from hackers. Commerce Secretary Gina Raimondo said pipeline repairs were a priority for the Biden administration and Washington was working to avoid more severe fuel supply disruptions by helping Colonial restart the road network. The tube is more than 5,500 miles (8,850 km) long. “Right now it’s an all-in-one effort,” Raimondo said on CBS’s “Face the Nation.” “We are working closely with company, state and local officials to ensure they return to normal operations as quickly as possible and without disruption to supplies,” Colonial said. The pipeline network was attacked – Photo: Reuters Their main fuel lines are still offline, but some of the smaller routes between the terminals and delivery points are now up and running. Neither Raimondo nor the company has given an estimate of a full reboot date. U.S. gasoline futures rose more than 3% to $2,217 a gallon, the highest since May 2018 as trading opened for the week and market participants reacted to pipeline closures. Colonial ships about 2.5 million barrels per day of gasoline and other fuels from refineries on the Gulf Coast to consumers. Its extensive pipeline network serves major US airports including Atlanta’s Hartsfield Jackson Airport, the world’s busiest airport by passenger traffic. A spokeswoman for Charlotte Douglas International Airport said the airport had supplies on hand and was “monitoring the situation closely”. Retail fuel experts including the American Automobile Association say outages lasting several days could have a significant impact on fuel supplies in the region, particularly in the southeastern US. Colonial Pipeline’s fuel tanks – Photo: Reuters While the US government investigation is in its early stages, a former official and three industry sources said the suspected hackers were a professional cybercrime group called DarkSide. DarkSide is one of many gangs that often use malware to extort victims. These groups gain access to private networks, encrypt files with software, and often steal data. They ask for money to decrypt the files and ask for more money to not publish the stolen content. During the Colonial attack, the hackers stole more than 100 gigabytes of data.

Colonial Pipeline had to shut down the entire network after a cyber attack. Photo: wsj.com The administration of President Joe Biden said it was making every effort to restore the company’s operations and avoid disruption to supply. Experts say gas prices will not be affected if the company resumes normal operations in the next few days. However, this cyberattack, rated as the worst ever for the US infrastructure system, should be a warning bell for other companies about the risk they will become the next target of similar attacks. According to Colonial Pipeline, the company’s pipeline carries gasoline and other fuels from Texas to the Northeast, providing nearly 45 percent of the fuel for the East Coast of the United States. Although Colonial Pipeline has not revealed who is responsible for the cyber attack, an unnamed person on the team investigating the incident confirmed that the culprit was a hacker group nicknamed Darkside. This group has been spreading ransomware since August 2020 and is classified as one of the most attackable groups. Over the past 3 years, Darkside has become more and more professional and has caused Western countries tens of billions of dollars in losses. Ransomware attacks are malicious code designed to lock down computer systems using encrypted data and demand a ransom to restore access. US Commerce Secretary Gina Raimondo on May 9 warned US businesses to be wary of ransomware attacks. The female minister affirmed that she would work closely with the Department of Homeland Security to handle the issue, considering this a top priority of the government. Reuters news agency, citing a notice from the White House, said the administration was working to help Colonial Pipeline company resume operations to avoid supply disruptions. According to sources, before activating ransomware, hackers often steal data, which is used to blackmail businesses or distort the truth. Sometimes stolen data is more valuable to hackers than the benefit they get by disrupting business operations. Security experts say the attack is a warning to operators and managers of essential infrastructure in the US such as electricity, water, energy and transportation facilities that have long been built. do not update the method to ensure security against the risk of being attacked. Mr. David Kennedy, a senior security consultant and founder of the security consulting firm TrustedSec, admitted that ransomware attacks have spiraled out of control in the US and are currently under development. is one of the greatest threats facing the United States. However, most American companies lack the ability to prepare for such threats.

According to the Vice , DarkSide’s message does not directly refer to the Colonial Pipeline attack, but is titled “Regarding the Latest News”. The group said its actions were unrelated to politics. The cyber attack on May 7 caused the Colonial Pipeline’s fuel pipeline system to stop working. Photo: Bloomberg. “We are a non-political group, not involved in geopolitics. Don’t tie us to a government or look for other motives… Our aim is to make money, not to cause problems for society,” a DarkSide representative wrote on a website belonging to the dark web. According to the Washington Post , some US officials believe that DarkSide is the hacker group behind the Colonial Pipeline attack. Also in the new statement, DarkSide said it will change the way it works and selects targets. “From today, we will examine and analyze each company that partners want to encrypt to avoid social consequences,” the group wrote. On May 7, Colonial Pipeline announced that it had to disconnect some systems after discovering it was “a victim of a cyber attack”. According to the Business Insider , this move caused more than 8,046 km of fuel pipes and some computer systems of Colonial Pipeline to stop working. In an updated statement on May 8, the company representative confirmed that the software used for the attack was in the form of ransomware, which encrypts files in the system and requires victims to pay if they want to get it. again. The company hired a cybersecurity firm to investigate the severity of the attack. The DarkSide hacker group spoke out after the alleged implementation of a cyber attack against the Colonial Pipeline. Photo: Motherboard. According to information on its website, Colonial Pipeline transports about 45% of all fuel consumed on the East Coast of the United States. On May 9, the company said that while the main pipelines are still closed, some smaller pipelines have been reactivated. In response to the incident, the US Department of Transportation has declared a state of emergency in 17 states and Washington to lift restrictions on carriers and drivers assisting in fuel shortages. The declaration of emergency will be in effect until the end of the state of affairs, or until 23:59 on June 8 (local time). After the Colonial Pipeline incident, gasoline prices in the US increased more than 3% to $2,217 per gallon – the highest price since May 2018. Experts warn that the price of gas raw materials may increase further if Colonial Pipeline does not reopen the pipeline in the next few days. How did the FBI hack the suspect’s iPhone? Cellebrite has invented a phone-cracking technology that makes it easier for the FBI to investigate.

Bkav’s suite of application technology solutions with 5 layers of protection. The product set includes antivirus software Bkav Pro 2021 for individual users and Bkav Endpoint 2021 for agencies and businesses. This set of solutions is applied artificial intelligence (AI) to kill viruses even without updating the identification pattern, especially integrating a series of new technologies to protect personal information and user data. Specifically, the set of AI application solutions aims to create a 5-layer protection system including: The network layer is responsible for protecting and monitoring all incoming and outgoing network connections; operating system layer to monitor and detect operating system vulnerabilities; the data layer is responsible for protecting and monitoring changes to data or system configuration; application layer that monitors the behavior and vulnerabilities of applications; The user layer helps ensure enforcement of information security policies. According to Mr. Vu Ngoc Son, Vice President in charge of anti-malware of Bkav, the new version of AI technology applied in Bkav 2021 can identify malicious code up to 99.9% as well as reduce the ability to “catch”. clean files down to approximately 0%. This new technology also optimizes performance 144% more than the previous 2020 version. The business version of Bkav Endpoint also provides reporting statistics in the form of a visual Dashboard, helping businesses get an overall picture of the periodic protection situation by week, month, and year, including the number of scanned files. , number of files are malicious code, number of controlled connections, number of dangerous connections blocked, rate of infected malware types, number of times to prevent data encryption, spy attacks, number of holes OS vulnerabilities… Customers who already have a license will be automatically upgraded to the new version for free from May 11, 2021.