Recently Colonial Pipeline was attacked by hackers, shutting off the company’s pipelines and cutting the flow of oil. This devastating cyberattack is seen as one of the most significant attacks on critical national infrastructure in history. But how did the hackers do this, given how heavily protected the company is? It seems like the hackers have gained access to Colonial’s computer system through the administrative side of the business. They may have been inside the company’s network for weeks or even months before launching their ransomware attack. This has become possible since the company greatly relies on computers, which means that such problems can be prevented by keeping it offline, with no link to the internet at all. The persons responsible for the attack were confirmed as DarkSide, a new but prolific ransomware gang thought to be based in Russia.
The Crossroads of Special Operations