Colonial Pipeline attack: Hacking the physical world

The attack is a reminder of growing cyberthreats to critical infrastructure while also showing why providers of essential services are ripe targets for cybercriminals



While detractors have argued that threats against physical infrastructure are overstated and largely theoretical, the growing list of organizations that have been successfully attacked suggests otherwise. And now the media is full of reports of the flow-on effects of the ransomware attack leveled against Colonial Pipeline by the DarkSide cybercriminal gang. In fact, a lot has happened since – US President Joe Biden has signed an executive order aimed at improving the nation’s cyber-defenses and the company has restarted normal operations, while DarkSide claims to have shut up shop and there are also reports that Colonial Pipeline paid the gang $5 million in ransom.


Regardless, while the investigation into the attack is ongoing, detection of Win32/Filecoder.DarkSide has been in play since October 2020, so attackers wouldn’t seem to be using some super-sneaky, state-sponsored zero-day exploit to compromise their targets.


For years we’ve noted would-be attackers quietly probing around critical infrastructure targets, even launching attacks against specific, high-value targets such as in the examples listed above. This shows no ..
