Cyberattacks have hit at least 17 targets in the US since March, from local governments and schools to major meat and oil suppliers. Here’s the full list.

Out of service gas pump
The Capitol Hill Exxon station temporarily ran out of low and medium grade gasoline on Thursday, May 13, 2021, following the shutdown of the Colonial fuel pipeline.

  • Businesses, local governments, and other organizations in the US have been victims of cyberattacks this year.
  • The largest attacks occurred on gas provider Colonial Pipeline and meat producer JBS.
  • President Biden is expected to address cyberattacks with Russian President Vladimir Putin during their meeting Wednesday.
  • See more stories on Insider’s business page.

A growing number of cyberattacks have occurred on US businesses, local governments, and public systems since the start of 2021.

These attacks usually originate from outside the US, in countries like Russia and China, experts who spoke to Insider earlier in June said. Tyler Moore, a professor of cybersecurity and information at the University of Tulsa, said there were three kinds of major cyber attacks: ransomware attacks, espionage attacks, and email compromise attacks.

“There was a big increase in ransomware attacks in 2020 that continued in 2021,” Allan Liska, who works on the computer security incident response (CSIRT) at the cybersecurity company Recorded Future, previously told Insider.

“What I think we’re starting to see is ransomware attacks that have more of an impact on a broad swath of consumers,” he said.

President Joe Biden earlier this year placed sanctions on Russia for its involvement in the attack on SolarWinds, which was reported last year. Biden is also expected to address cybercrime when he meets with Russian President Vladimir Putin in Geneva on Wednesday.

These are the cyberattacks that US companies, agencies, and institutions have faced so far this year.

CNA Financial Group

CNA Financial Group announced in May it had been the victim of a ransomware attack in March, Bloomberg reported. According to the report, the Chicago-based insurance company paid hackers $40 million to regain control of its IT systems. The company said it did not believe data was stolen in the attack.

Microsoft’s Exchange Server email software

At least 30,000 victims that included small businesses and local governments were hacked by an organization in March that is thought to have ties to China. The hackers exploited four vulnerabilities with Microsoft’s Exchange Server email software, according to Krebs on Security.

A Maryland drug-treatment clinic

Turning Point Clinic, the largest drug-treatment clinic in Baltimore, Maryland, was the victim of a cyberattack in April, according to the Baltimore Sun. The hackers may have accessed and copied patient’s personal information, officials said, according to the report.

An Iowa school district

The Union Community Schools District in Cedar Rapids, Iowa, was the victim of a cyberattack in April, school officials announced in June, according to KCRG. The breach briefly took the school’s website down, and school officials said the hackers may have accessed the school district’s documents.

New York’s metro authority

Also in April, the Metropolitan Transportation Authority, the New York state agency that operates public transit in New York City was targeted by cybercriminals. Officials said hackers did little damage to its systems and did not access train controls, according to a report from NBC New York.

An Alaska court system

The Alaska court system said it was the victim of a malware attack in April, according to the Associated Press. The court system took its systems offline and was working to make them stronger to avoid future attacks, according to the report. It said it did not believe personal information was stolen as a result of the breach.

Alaska’s Department of Health and Human Services

The Alaska Department of Health and Human Services was the victim of a malware attack in May, it said, taking some of its online services offline, according to Alaska Public Media. The department said it wasn’t clear if personal information was accessed during the hack, according to the report.

America’s largest fuel pipeline

Ransomware organization DarkSide, which is believed to be tied to Russia, in May targeted Colonial Pipeline, the operator of the largest fuel pipeline in the US. The shutdown caused gasoline shortages and price hikes for about a week across the East Coast, leading governors in several states to declare states of emergency, as Insider reported.

The world’s largest meat supplier

JBS USA, the world’s largest meat supplier, announced in May it too had been the victim of an attack by cybercriminals. The company temporarily suspended operations at around 10 of its global plants due to the attack, according to a report from Bloomberg. It paid hackers $11 million, according to NBC News.

The government of an Illinois county

The government in St. Clair County, Illinois, was the victim of a cyberattack at the end of May that caused weekslong disruptions, according to Government Technology. The hack prevented residents from using online systems to access court records or pay taxes, according to the report. A ransomware group named Grief took responsibility for the attack, according to the report.

Tulsa’s computer systems

Hackers in May breached computer systems in the city of Tulsa, Oklahoma, prompting officials to quickly shut them down, according to the Associated Press. City residents were left unable to use online systems to pay their water bills. A spokesperson for the city of Tulsa said the hack was stopped before any information could be leaked, according to the AP.

A truck and military vehicle manufacturer

Navistar, a US truck and military vehicle manufacturer, said it was the victim of a cyberattack in May. The company said that data had been stolen from its IT system. It said the IT system remained fully functional. It’s unclear what data was stolen, Insider previously reported.

San Diego health system

San Diego health system Scripps Health reported it fell victim to ransomware attack May 1, according to Fox 5 San Diego. As a result, the system took its system offline for a month, leading to missed appointments and patients’ inability to access their medical records. It’s unclear if hackers accessed private patient data, according to the report.

Puerto Rico’s main power provider

Luma Energy LLC, the main power provider in Puerto Rico experienced a denial-of-service attack on June 10, according to The Wall Street Journal. A denial-of-service attack occurs when hackers overwhelm a system with requests in an attempt to bring it down. Shortly after the attack, a fire at the facility broke out, causing 900,000 people to lose power. The cause of the fire has not yet been determined, according to the report.

McDonald’s

McDonald’s announced on June 11 it had been hit by a cyberattack in the US, South Korea, and Taiwan. The hack exposed employee information, and information about some of its restaurants, but the company said no customer information was leaked as a result of the hack, The Wall Street Journal reported.

Massachusetts ferry service

The Steamship Authority of Massachusetts was the victim of a ransomware attack in June, NBC Boston reported. While ships continued to operate normally during the attack, customers were unable to book or change their tickets online or by phone for a week.

An Iowa community college

Both in-person and online classes were canceled in June at the Des Moines Area Community College in Iowa after a cyberattack took down its computer systems, Fox Business reported. In-person classes have resumed, while online courses remained canceled as of June 14, according to the college. The school said it didn’t believe that student or faculty data had been leaked due to the breach, according to Fox Business.

NYC’s law department

New York City officials confirmed in June they were investigating a hack on its Law Department. According to a report from the New York Daily News, the breach left lawyers unable to access documents and may have made put employee’s personnel information at risk.

Television stations

In June, at least three US television stations owned by Cox Media Group were hit with a reported cyberattack, according to a report from NBC News. Cox Media Group did not return Insider’s request for comment and has not publicly spoken about the hack.

Video game developer

Hackers in June stole data from game developer Electronic Arts (EA), according to Vice. In an online forum, hackers claimed to have stolen data about the company’s upcoming games, including “FIFA 21,” the report said. Hackers reportedly used Slack to breach the company. In total, the hackers claimed to have stolen 780 GB of data, according to Vice. The company told Vice no customer data had been extracted in the hack.

Read the original article on Business Insider

Major cyberattacks have rocked the US, and there are ‘a lot of different ways that ransomware actors can disrupt everyone’s lives,’ experts say

Out of service fuel nozzles are covered in plastic on a gas pump at a gas station in Waynesville, North Carolina, after a gasoline supply crunch caused by the Colonial Pipeline hack
Out of service fuel nozzles are covered in plastic on a gas pump at a gas station in Waynesville, North Carolina, after a gasoline supply crunch caused by the Colonial Pipeline hack

  • A number of prominent cyberattacks on US institutions have made headlines so far in 2021.
  • Hackers targeted a major gas provider in April and the world’s largest meat producer in May.
  • Sometimes, experts say, hackers are after ransom, but in other cases intended to steal information.
  • See more stories on Insider’s business page.

A slew of cyberattacks against US agencies, institutions, and companies have dominated headlines so far this year, and cybersecurity experts say that these types of damaging attacks are on the rise and can have impacts that “spillover” across supply chains.

Cybercriminals, believed to be tied to Russia, in May targeted Colonial Pipeline, the operator of the largest fuel pipeline in the US. When the hackers, from a ransomware group called DarkSide, infiltrated its system, the company quickly shuttered the pipeline to prevent the ransomware from spreading.

The shutdown caused gasoline shortages and price hikes for about a week across the East Coast, leading governors in several states to declare states of emergency.

At the end of May, JBS USA, the world’s largest meat supplier, announced it too had been the victim of an attack by cybercriminals. The company temporarily suspended operations at around 10of its global plants due to the attack, according to a report from Bloomberg.

Cyberattacks can be categorized in three ways, Tyler Moore, a professor of cybersecurity and information at the University of Tulsa, told Insider.

These include the headline-making attacks where criminals exploit systems seeking ransom, such as the attacks on JBS and Colonial Pipeline.

Another type, he said, is an espionage attack where foreign criminals breach a system intending to steal information.

There’s also a third and more common type category called “email compromise,” where a hacker targets a business or organization using an email phishing scam. Business email compromise scams cost US companies a combined $1.8 billion last year, according to a March 2021 report from IC3, the FBI’s Internet Crime Complaint Center. There were 791,730 complaints of suspected internet crime in 2020, about 300,000 more than were reported in 2019.

In total, these cyberattacks resulted in a loss of more than $4 billion in the US last year, according to the report.

In the past, Moore said ransomware hackers often targeted smaller institutions, like local hospitals. These localized attacks rarely garnered national attention, he said.

The growing threat is not just the initial hack but the “spillover harm” it causes, Moore said.

The more recent attacks, like those on Colonial Pipeline and JBS, are cause for concern because they create problems on a larger scale, he said. And, he added, these companies and their systems have long been vulnerable to these types of attacks.

“It becomes more of sentient threat – more of a threat that we’re aware of,” Moore said of the recent ransomware hacks.

“They’re not trying to necessarily shut down a pipeline,” Moore added of ransomware hackers. “They’re just trying to make money through ransomware, but they’re still having this effect of disrupting our critical infrastructures.”

DarkSide claimed it didn’t mean to cause any disruption to society. The ransomware group later claimed it would be disbanding following the incident.

“We’re seeing more of this spillover harm,” Moore added. “We’re seeing this harm that spreads far beyond what the original attack was trying to do. And that, that seems to be a growing concern.”

“These companies have technology supply chains and different pieces of those supply chains are being attacked, which can cause widespread damage across many other companies,” Moore said.

Ransomware attackers have also evolved. Historically, victims of a ransomware attack could avoid paying the ransom if they maintained regular system backups and restored their systems to them after they had been compromised.

Now, hackers expect this and will download data and threaten to release it publicly if the ransom is not paid, Moore added.

In the case of Colonial Pipeline, the company quickly paid the hackers $4.4 million in ransom. Officials at the Department of Justice said this week they were able to recover most of the $4.4 million paid to the hackers.

This year alone, cybercriminals have taken out large and small targets

It’s not just a perception or an increase in coverage – cyberattacks in the US are both growing and evolving, experts said.

“There was a big increase in ransomware attacks in 2020 that continued in 2021,” said Allan Liska, who works on the computer security incident response (CSIRT) at the cybersecurity company Recorded Future.

“What I think we’re starting to see is ransomware attacks that have more of an impact on a broad swath of consumers,” he added.

  • New York City officials confirmed this week they were investigating a hack on its Law Department. According to a report from the New York Daily News, the breach left lawyers unable to access documents and may have made put employee’s personnel information at risk.
  • Earlier in June, at least three US television stations owned by Cox Media Group were hit with a reported cyberattack, according to a report from NBC News. Cox Media Group did not return Insider’s request for comment.
  • Hackers last month breached computer systems in the city of Tulsa, Oklahoma, prompting officials to quickly shut them down, according to the Associated Press. City residents were left unable to use online systems to pay their water bills. A spokesperson for the city of Tulsa said the hack was stopped before any information could be leaked, according to the AP.
  • In April, the Metropolitan Transportation Authority, the New York state agency that operates public transit in New York City was targeted by cybercriminals. Officials said hackers did little damage to its systems and did not access train controls, according to a report from NBC New York.
  • And in March, at least 30,000 victims that included small businesses and local governments were hacked by an organization that is thought to have ties to China. The hackers exploited four vulnerabilities with Microsoft’s Exchange Server email software, according to Krebs on Security.

“That was an attack where they were not trying to disrupt anything, but the purpose really was to gain access to information,” Moore said of the March attack.

“Essentially, you’ve got the internal corporate email of many, many companies,” he added. “This is something that is very valuable to a nation-state adversary like China.”

Cyberattacks entered a new era with the attack on the information technology firm SolarWinds, which was first reported late last year. The breach impacted private companies like cybersecurity firm FireEye and the Department of Homeland Security and the Treasury Department, as Insider previously reported.

Top US officials say they believe the SolarWinds hackers were foreign actors from Russia.

This type of cybercrime almost always originates from outside the US, experts said.

“When we say Russia, China or, Iran – all of which have had ransomware actors operate out of their borders – we’re generally talking about financially motivated actors that are not necessarily working for the government. But they operate with a tacet approval from the government,” Liska said in regard to ransom seekers, like those from DarkSide.

There are reasons for Americans to be concerned about future attacks, Liska said. But there’s also room for optimism.

But he added his fears had been assuaged slightly due to recent actions from the US government.

“The Biden administration has had a very aggressive response to these ransomware attacks. And a lot of ransomware actors are rethinking who they want to target,” Liska said.

Biden in April slapped sanctions on Russia following its accused involvement in the SolarWinds attack.

“The Biden administration has been clear that the United States desires a relationship with Russia that is stable and predictable,” the White House said in April. “We do not think that we need to continue on a negative trajectory. However, we have also been clear – publicly and privately – that we will defend our national interests and impose costs for Russian Government actions that seek to harm us.”

The Department of Justice also, in April, established the Ransomware and Digital Extortion Task Force to investigate ransomware hackers. Paul M. Abbate, the deputy director of the FBI, said the agency currently has more than 100 investigations into operations like DarkSide, Insider previously reported.

FBI Director Christopher Wray this month told The Wall Street Journal there were “a lot of parallels” between the September 11, 2001, terrorist attacks and the current state of cyberattacks in the US.

“Part of the persona of these ransomware actors is they’re bold and audacious,” Liska said. “They issue press releases talking about their exploits and how they’re not afraid of anybody and they’ll go after anybody. It’s really easy to do that until the president calls you out by name.”

Liska said it wouldn’t be impossible for cybercriminals to target something like the power grid or water treatment facilities (the latter happened in Florida earlier this year). But with growing scrutiny from the US government, criminals might be less likely to set their sights on big targets, he said.

“There are still a lot of different ways that ransomware actors can disrupt everyone’s lives without necessarily taking the power grid offline,” Liska said.

“We need to invest more heavily in our critical infrastructure,” he added.

Read the original article on Business Insider

Coinbase pushes back against the theory it helped US authorities recover Colonial Pipeline ransom crypto

coinbase direct listing
  • Coinbase said it did not work with US authorities to recover the Colonial Pipeline crypto ransom.
  • Graphs circulating online seemed to show that the bitcoin ransom was sent via Coinbase servers.
  • The FBI recovered a big chunk of the $4.3 million paid by gaining access to the hackers’ wallet.
  • Sign up here for our daily newsletter, 10 Things Before the Opening Bell.

Coinbase’s chief security officer has denied the crypto exchange helped US authorities recover a big chunk of the $4.3 million crypto ransom paid to Colonial Pipeline hackers, after theories about its involvement circulated online.

Company CSO Philip Martin took to Twitter to respond to the claims that the crypto exchange had played a part in the Department of Justice and FBI seizing 63.7 bitcoins, worth $2.3 million, by unlocking a bitcoin wallet. Court filings showed authorities obtained a seizure warrant for the wallet, which contained funds paid to “Dark Side” hackers who shut down the US’s largest refined-oil-product pipeline in May.

“Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet,” Martin tweeted.

Various blockchain data graphs circulating on social media were interpreted as showing the bitcoin ransom was wired through Coinbase’s servers, which led to an outcry from Coinbase users and bitcoin fans.

Pointing to BitQuery graphs in particular, Martin said any reference to Coinbase on graphs and documents referred to “Coinbase” as a concept rather than the crypto exchange itself.

Further, Coinbase uses a “pooled hot wallet”, whereas the FBI was in possession of just one private key, which the crypto exchange could not provide, Martin explained.

The online uproar centered on complaints that collaboration with government agencies was against the spirit of cryptocurrencies, which fans take pride in being decentralized, private and an alternative to state-regulated finance.

The US authorities have yet to give an official explanation of how they were able to obtain the private key that gave them access to the digital wallet used by the Dark Side hackers, allowing them to seize back the majority of the payment.

“So how did they get the private key? Maybe some whiz-bang magic, but my guess would be it was some good ol’ fashioned police work to locate the target servers, and an MLAT request and/or some political pressure to get access.” Martin suggested.

One of regulators’ main concerns around crypto is its use by criminals to fuel illicit activities, and whether authorities need more tools to respond and handle such situations.

Bitcoin fell by more than 12% on Tuesday alongside most major cryptocurrencies after US authorities said they had been able to recover the ransom. It started to recover on Wednesday morning and was up 5.39% in the 24 hours to 6:42 am E.T. Bitcoin was last trading at $34,587.26.

Read the original article on Business Insider

The FBI recovered a huge chunk of the Colonial Pipeline ransom by secretly gaining access to Darkside’s bitcoin wallet password

The bitcoin logo is seen on a smartphone screen device in front of a computer screen that says "cancelled. "
The FBI managed to gain access to the “private key” of a bitcoin wallet that the hacking group Darkside used to collect its ransom payments.

The Department of Justice announced Monday that it had recovered a majority of the ransom paid by Colonial Pipeline to hackers who shut down its operations last month and caused massive fuel shortages and price hikes.

The DOJ said that it had recovered $2.3 million worth of bitcoin out of the $4.4 million ransom that Colonial had paid to Darkside, the group behind the hack.

How did the government pull it off?

The FBI had what was effectively the password to a bitcoin wallet that Darkside had sent the ransom money to, allowing the FBI to simply seize the funds, according to the DOJ.

‘Following the money’

Despite cybercriminals’ increasingly sophisticated use of technology to commit crimes, the DOJ said it used a time-tested approach to recover Colonial’s ransom payment.

“Following the money remains one of the most basic, yet powerful tools we have,” Deputy Attorney General Lisa Monaco said in the DOJ’s press release.

Colonial was hacked by Darkside on May 7, and alerted the FBI that same day, according to the DOJ.

On May 8, with its operations knocked offline and amid an emerging gas crisis, Colonial opted to pay the ransom (much to the chagrin of government crimefighters who were simultaneously trying to shut down the hack).

Colonial told the FBI that Darkside had instructed it to send 75 bitcoin, worth about $4.3 million at the time, according to an affadavit from an FBI special agent involved in the investigation.

The FBI agent then used a blockchain explorer – software that lets users search a blockchain, like bitcoin, to determine the amount and destination of transactions – to figure out that Darkside had tried to launder the money through various bitcoin addresses (similar to bank accounts), according to the affadavit.

Eventually, through the blockchain explorer, the FBI agent was able to track 63.7 bitcoin to a single address that had received an influx of payments on May 27.

Fortunately for the FBI, according to the agent’s affadavit, the agency had the private key (effectively the password) for that very address.

Bitcoin addresses rely on a two-key encryption system to keep transactions secure: one public and one private. The public key is shared openly so anybody can send money to that address. But once the sender has encrypted their payment with the recipient’s public key, only the recipient’s private key can decrypt and gain access to that money.

That’s why private keys are meant to be closely held secrets, stored in a secure place. As of January, $140 billion in bitcoin – around 20% of existing bitcoin – were held in wallets where people had forgotten or lost their private keys.

In Darkside’s case, the FBI managed to gain access to its public key, and after getting a seizure warrant from a federal court, the agency used the key to access Darkside’s address and swipe 63.7 bitcoin, or around $2.3 million.

The FBI didn’t say how it had managed to obtain the key, but said it sent a warning to other potential ransomware hackers.

“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises,” Monaco said in the release.

Read the original article on Business Insider

US senators urge stricter crypto regulation after a flood of ransomware attacks

IMG_3283
Sen. Mark Warner (D-VA) on January 30, 2020 and Sen. Roy Blunt (R-MO) on February 3, 2020 both in taken in Washington, DC.

Two US senators called for stricter cryptocurrency regulation after a flood of ransomware attacks that plagued the country in the past months.

Democratic Senator Mark Warner of Virginia, chair of the Senate Intelligence Committee, told NBC Meet the Press on Sunday that regulators need to scrutinize the cryptocurrency loopholes that help criminals carry 0ut cyberattacks.

“There was some good things coming out of distributed ledger technology, but we are seeing now some of the dark underbelly,” Warner said. “If a company is paying, if there’s not some transparency of that payment, the bad guys will simply find another way to hide it.”

The senator said while there has been some progress when it comes to bipartisan legislation, the debate about cryptocurrencies and ransomware is “just starting.”

In May, the Colonial Pipeline paid DarkSide Ransomware a $5 million ransom to restore services, Bloomberg reported. The transaction was said to be untraceable.

The following month, JBS, the largest meat supplier in the US, revealed it was hit by a cyberattack that affected some of its systems. Whether there was a payment of ransom or not remains unclear.

Republican Senator Roy Blunt of Missouri, also a member of the Intelligence Committee, said regulators need to demand more transparency when it comes to attacks like these to protect the American financial system.

“Nobody wanted to report that they had been hacked. That was a fight we’ve been having now for almost a decade,” he told NBC Meet the Press. But “the only way you can begin to get on top of this is to know how pervasive the problem is.”

He continued: “We have a lot of cash requirements in our country, but we haven’t figured out in the country or in the world how to trace cryptocurrency.”

“There ought to be more transparency if a company does pay, so we can go after the bad guys,” Warner said. “Right now what’s happening around ransomware, not only are the companies often not reporting that they are attacked, but they’re not reporting the ransomware payments.”

The Biden administration is reportedly looking at how to increase oversight of the cryptocurrency market to protect retail investors, sources told The Washington Post. The administration is also analyzing potential gaps that may be used to finance illicit activities, sources said.

US Treasury secretary Janet Yellen has been critical of cryptocurrencies in the past, calling out their misuse, which she described in February as “a growing problem.”

“I see the promise of these new technologies,” the former Federal Reserve chief said. “But I also see the reality: cryptocurrencies have been used to launder the profits of online drug traffickers; they’ve been a tool to finance terrorism.”

Read the original article on Business Insider

Ransomware attacks add to bitcoin’s woes, shining a light on the use of cryptocurrencies in crime

GettyImages 1299369052
Critics have long highlighted bitcoin’s use in crime.

  • Ransomware attacks have turned an uncomfortable spotlight onto the use of cryptocurrencies in crime.
  • Hackers attacking the Colonial Pipeline and Ireland’s health service demanded payment in crypto.
  • One analyst said the issue will not go unnoticed by US regulators, which could step up enforcement.
  • Sign up here for our daily newsletter, 10 Things Before the Opening Bell.

Recent high-profile cyber attacks in which hackers demanded to be paid in cryptocurrencies have turned an uncomfortable spotlight on digital tokens and their use in crime.

One analyst said the ransomware attack on the Colonial Pipeline was facilitated by cryptocurrencies, which “will not go unnoticed by the US government and other countries.”

Hackers severely disrupted the US energy network earlier in May when they attacked the crucial Colonial Pipeline’s computing systems. To get the system back up and running, Colonial paid a ransom of nearly $5 million in cryptocurrency, Bloomberg reported, citing people familiar with the matter.

Days later, hackers targeted Ireland’s health service and also demanded a ransom be paid in bitcoin.

Bitcoin has crashed in recent days after Elon Musk said Tesla would no longer accept the token as payment, due to its “insane” and environmentally damaging energy use. Cryptocurrencies slid again on Tuesday after Chinese regulators cracked down on the use of digital assets for payments.

But Jeffrey Halley, senior market analyst at currency firm Oanda, said the so-called ransomware attacks had been an underappreciated factor.

“With Elon Musk grabbing all the headlines on his bitcoin/dogecoin pivot, the real issue is the $5 million ransom paid by Colonial Pipeline,” he said.

“Attacks on critical US infrastructure facilitated by cryptocurrencies will not go unnoticed by the US government and other countries. I would argue that the regulatory threat to cryptocurrencies has increased exponentially.”

Critics of bitcoin and other cryptocurrencies have long argued that they facilitate crime thanks to their anonymous and decentralized nature, which means they are very hard to trace and link to individuals.

Treasury Secretary Janet Yellen said in January that she was concerned about cryptocurrencies for this reason. “I think many are used – at least in a transaction sense – mainly for illicit financing,” she told lawmakers during her confirmation hearing.

Gary Gensler, the Chair of the Securities and Exchange Commission markets regulator, has made similar criticisms in the past.

“Beyond use on the darknet, there are those around the globe who seek to use these new technologies to thwart government oversight of money laundering, tax evasion, terrorism financing, or evading sanctions regimes,” he told Congress in 2018.

Although cryptocurrency companies that deal with customers in the US are covered by various financial regulations, the digital asset markets is largely a grey area outside the traditional world of finance. Regulators have consistently warned that investors should only buy in if they’re willing to lose all their money.

In the US, regulators are keeping a close eye on cryptocurrencies but have not yet committed to any major rule changes during the latest digital asset boom.

Fox Business reported in April that Gensler is waiting for the Treasury to review the currency cryptocurrency rules before the SEC lays out its approach. Fox said Gensler is likely to step up enforcement action.

Regulators are likely to increase their focus on crypto as ransomware attacks become more prevalent, said Rahul Bhushan, co-founder of Rize ETF, which runs a cybersecurity fund.

Yet Bhushan said a stronger “regulatory framework around cryptocurrencies… will help legitimize that market.”

Michael Shaulov, chief executive of crypto firm Fireblocks, said: “The true solution is a capability for law enforcement agencies around the world to distribute real-time information about illicit activities allowing wallet and custody providers to block these funds in transit.”

Colonial Pipeline has been contacted for comment.

Read the original article on Business Insider

Colonial Pipeline says it has restored service to ‘normal operations’ following cyberattack that forced a shutdown

Two women fill their cars with gasoline.
A gas station runs out of gasoline after motorists rush to fill up on May 12, 2021 in Arlington, Virginia.

  • Colonial Pipeline said Saturday that it returned its service to “normal operations.”
  • The company began a restart of pipeline operations at 5 p.m. Wednesday.
  • The company, which provides nearly half of all fuel on the East Coast, was the victim of a cyberattack.
  • Visit Insider’s homepage for more stories.

Colonial Pipeline on Saturday announced that it had returned to “normal operations” days after it restarted its pipeline following a cyberattack that resulted in disruptions across the East Coast.

The company made the announcement on Twitter Saturday at 7:30 a.m. It had restarted the pipeline at 5 p.m. on Wednesday.

“Since this incident began, we have been clear that our focus was on the safe and efficient restoration of service to our pipeline system,” Colonial Pipeline said in a tweet. “That is what we have achieved through the commitment and dedication of the many Colonial team members.”

Read more: The Colonial Pipeline hack finally made the ransomware crisis real for America, and Americans got really mad

It continued: “Our team members across the pipeline worked safely and tirelessly around the clock to get our lines up and running, and we are grateful for their dedicated service and professionalism during these extraordinary times.”

The Colonial Pipeline is the largest pipeline of refined oil products in the US. It transports more than 45% of all fuel used on the East Coast to more than 50 million people from New York to Texas.

The Wall Street Journal reported Friday that DarkSide, the hacker group that took responsibility for the ransomware attack, said it planned to disband following pressure from the US and investigations by law enforcement agencies.

Bloomberg first reported that DarkSide received approximately $5 million in untraceable cryptocurrency from Colonial. According to the Bloomberg report, the company paid the ransom within hours of the May 7 attack.

The attack caused governors in several states to declare states of emergency as residents panic bought gasoline and caused gas stations to hike up prices and run out of fuel. Experts said it could take days to weeks for a return to normal in the affected states.

Read the original article on Business Insider

The Colonial Pipeline is back up, but gas shortages have gotten worse and it’ll take time to make up the shortfall

gas station lines
A customer pumps gas at Costco, as a worker directs traffic, on Tuesday, May 11, 2021, in Charlotte, N.C.

  • The Colonial Pipeline shut down for several days after a cyberattack and was restored on Wednesday.
  • The pipeline transports nearly half of all fuel on the east coast of the US.
  • It will likely take days to weeks for gas stations to return to normal.
  • See more stories on Insider’s business page.

The Colonial Pipeline was back in action Wednesday night after a cyberattack led to gas shortages and outages across the East Coast, but experts warn it could take days to weeks for gas prices and availability to return to normal.

The Colonial Pipeline is the largest pipeline of refined oil products in the US, transporting over 45% of all fuel used on the East Coast (when not affected by a cyberattack) to more than 50 million people.

Following the hack and pipeline shutdown, several states declared states of emergency because of gas shortages, including North Carolina, Georgia, and Virginia. As shortages and outages swept the coast, gas prices skyrocketed.

AAA’s website noted that national gas prices hit an average of $3.03 on Thursday, the highest level since 2014.

US Energy Secretary Jennifer Granholm announced on Thursday morning that the attempt to restart the pipeline on Wednesday night was a success.

Read more: A strategist who timed the March 2020 market bottom for a $32 billion money manager breaks down 2 ways investors can capitalize on the Colonial Pipeline attack

Echoing Granholm’s tweet, the Colonial Pipeline also released a statement on Thursday to say that each market it services should begin to receive petroleum products from the pipeline by midday.

Still, experts predict that it will take days to weeks for gas availability to return to normal – partly because people have been panic-buying and hoarding gas.

Patrick De Haan, the head of petroleum analysis at GasBuddy, said Georgia, North Carolina, South Carolina, and Virginia will likely take the longest to recover.

Previous reports suggested that Colonial Pipeline would not pay the $5 million in ransom requested by the hacking group behind the attack, DarkSide, but a new report from Bloomberg indicates that the company paid the ransom in cryptocurrency “within hours” of the attack.

The hacking group behind the cyberattack, DarkSide, received $5 million in ransom from Colonial Pipeline, Bloomberg reported.

Since the attack, Colonial Pipeline’s website has added a CAPTCHA security check before entering the site, seemingly in an effort to prevent a future hack. The company has been searching for a cybersecurity manager for at least 30 days, according to a posting on the company’s open job listings.

Read the original article on Business Insider

US says fuel supplies should be ‘back to normal’ by the weekend as key pipeline restarts after cyberattack

GettyImages 1232845374
Signs reading “out of gas” cover screens on pumps at a gas station on May 12, 2021 near Four Oaks, North Carolina. Photo by Sean Rayford/Getty Images

  • The Colonial Pipeline began resuming service Wednesday evening.
  • With that, the US Secretary of Energy said “things will be back to normal” by the end of the weekend.
  • The pipeline, which transports 45% of the fuel used by the East Coast, shut down last week following a cyberattack.
  • See more stories on Insider’s business page.

The Colonial Pipeline is back up and running with full operations expected by this weekend, which should bring gas shortages in part sparked by panic buying to an end.

The Colonial Pipeline, the top US fuel pipeline, restarted Wednesday evening, and reported “product delivery has commenced in a majority of the markets we service.”

The successful restart “should mean things will return to normal by the end of the weekend,” US Secretary of Energy Jennifer Granholm said on Twitter Thursday.

“Following this restart, it will take several days for the product delivery supply chain to return to normal,” the company said Wednesday evening. “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period.”

The pipeline shutdown operations last week after Russian ransomware group DarkSide hacked the company’s systems and demanded money.

The company took the pipeline – which runs from Texas to the New York -area and supplies 45% of the East Coast’s fuel -offline following the attack. A private cybersecurity firm hired by Colonial and the federal government are probing the incident.

Colonial has “made substantial progress in safely restarting our pipeline system,” the company said Thursday in a statement. “By mid-day today, we project that each market we service will be receiving product from our system.”

A few remaining segments of the line will begin operating at 12 p.m. ET, the company said.

Amid the shutdown, some people resorted to panic-buying fuel. Long lines stretched around gas stations, more than 1,000 stations in the US ran dry, and the price of gas surged. Most of the shortages remained on the east coast, especially in North Carolina, South Carolina, and Georgia, a GasBuddy analyst reported.

Read the original article on Business Insider

Colonial Pipeline restarts operations, but says supply chain issues may continue for ‘several days’

Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm on May 10, 2021 in Woodbridge, New Jersey. Alpharetta, Georgia-based Colonial Pipeline, which has the largest fuel pipeline, was forced to shut down its oil and gas pipeline system on Friday after a ransomware attack that has slowed down the transportation of oil in the eastern U.S. On Sunday, the federal government announced an emergency declaration that extends through June 8th and can be renewed. On Monday, the FBI confirmed that the cyberattack was carried out by DarkSide, a cybercrime gang believed to operate out of Russia.
Colonial Pipeline, was forced to shut down its oil and gas pipeline system on Friday after a ransomware attack that has slowed down the transportation of oil across the Eastern US.

Colonial Pipeline said in a press release on Wednesday it had “initiated the restart of pipeline operations” at approximately 5 p.m. ET.

“Following this restart, it will take several days for the product delivery supply chain to return to normal. Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period,” the company said.

“Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal,” it said, adding that it’s conducting various safety assessments as it resumes operations.

The announcement follows widespread gas shortages across the eastern US that resulted from the pipeline being taken offline by a crippling ransomware attack.

The 5,500-mile network supplies around 45% of the East Coast’s fuel, and more than 1,000 gas stations ran dry following the attack, creating long lines and sending prices soaring past $3 per gallon for the first time since 2014.

The Biden administration has been working with Colonial to get operations restarted. The Russia-based hacking group DarkSide acknowledged it launched the attack, saying it didn’t intend to cause “problems for society,” and would approach targets differently in the future.

Read the original article on Business Insider