Friday, May 14, 2021

Colonial Pipeline pays $5 million to ransomware gang, report

 A hacker group breached a major US fuel pipeline last week

Credit: Getty

https://www.dailydot.com/debug/colonial-pipeline-5-million-ransomware/ 

Colonial Pipeline reportedly paid nearly $5 million to a cybercriminal gang on Friday after the company’s systems were targeted with ransomware.

Despite initial claims that the company did not intend to pay, Bloomberg reported on Thursday that Colonial Pipeline agreed to the extortion fee in an effort to restore its services.

The company, which operates a pipeline that transports close to half of the East Coast’s fuel, is said to have transferred the DarkSide ransomware gang millions of dollars in cryptocurrency just hours after being infected.

After receiving the payment, DarkSide provided Colonial Pipeline with a decryption tool designed to give the company access back to its own files. Yet the tool reportedly worked so slowly that the company ultimately ended up relying more on its own server backups.

Colonial Pipeline, which intentionally halted its services in an effort to contain the ransomware’s spread, has since stated that it believes it will return to full operating capacity by the end of Thursday.

The incident is largely unsurprising to some, including the author of a 2018 audit of Colonial Pipeline’s network who argued that “an eighth-grader could have hacked into that system.”

Concerns over the ransomware incident led to panic buying at gas stations across the East Coast, leading to fuel shortages as a result.

The company, which operates a pipeline that transports close to half of the East Coast’s fuel, is said to have transferred the DarkSide ransomware gang millions of dollars in cryptocurrency just hours after being infected.

After receiving the payment, DarkSide provided Colonial Pipeline with a decryption tool designed to give the company access back to its own files. Yet the tool reportedly worked so slowly that the company ultimately ended up relying more on its own server backups.

Colonial Pipeline, which intentionally halted its services in an effort to contain the ransomware’s spread, has since stated that it believes it will return to full operating capacity by the end of Thursday.

The incident is largely unsurprising to some, including the author of a 2018 audit of Colonial Pipeline’s network who argued that “an eighth-grader could have hacked into that system.”

Concerns over the ransomware incident led to panic buying at gas stations across the East Coast, leading to fuel shortages as a result.

DarkSide, a suspected Eastern European group which has only been active for around six months, is believed to have generated more than $30 million so far through its extortion efforts.

Although the FBI currently recommends that targets of such hacks not pay, reports suggest that funds received by ransomware groups continue to increase. In 2020 alone, victims are believed to have paid over $350 million in cryptocurrency in total after being targeted by ransomware.

In the wake of the pipeline incident, President Joe Biden on Wednesday announced a new executive order aimed at strengthening the country’s digital defenses.

Thursday, May 13, 2021

Pipeline Inspector Calls In To The Alex Jones Show: “It’s 100% A Manufactured Collapse”

 a map of Colonial pipeline.

https://www.infowars.com/posts/pipeline-inspector-calls-in-to-the-alex-jones-show-its-100-a-manufactured-collapse/ 

An oil and energy expert calling in to the Alex Jones Show Wednesday claimed the US fuel crisis and gas shortages were part of a “manufactured collapse.”

“You’re 100 percent right,” says the caller, who claims he’s surveyed the Colonial Pipeline in the past. 

“I’ve spent 15 years working in the oil and gas industry and also the energy industry, I just finished working 10 months in California and I’ve seen what they’re doing there, and it’s 100 percent a manufactured collapse.”

“If they wanted this thing going they would send guys out and open the valves up and get gas flowing tomorrow. They don’t need the electrical instrumentation to do that. So this is 100 percent a manufactured crisis. They’re trying to collapse the country.”

Tuesday, May 11, 2021

Biden Administration FAILING US As Gas Shortage, Inflation, Migrant Cris...

Gas stations along Southeast coast suffer fuel shortage amid pipeline shutdown

 Fuel is running low in South Florida.

Fuel is running low in South Florida.
Photo by Gerardo Mora / Getty Images

 https://nypost.com/2021/05/11/southeast-coast-suffers-gas-shortage-amid-pipeline-shutdown/ 

Gas stations along the Southeast coast are beginning to feel the pinch from the shutdown of the biggest oil pipeline in the US due to a crippling cyberattack believed to be orchestrated by a Russia-based criminal group

The closure of the 5,500-mile Colonial Pipeline, which carries more than 100 million gallons of fuel from Texas to New Jersey each day, has stretched into its fifth day. The Alpharetta, Georgia-based company suspended all operations after it was hit Friday by a ransomware attack that could prove to be among the most costly in US history. 

Colonial said Monday it hopes to get most of its operations back online by the weekend, but that’s not soon enough to avoid shortages and price hikes as supply has already started to dwindle.

About 7.6 percent of gas stations in Virginia were out of fuel by early Tuesday, according to GasBuddy analyst Patrick DeHaan’s estimates. He added that nearly 5 percent of gas stations in North Carolina, 3.3 percent in Georgia as well as 2.4 percent in Florida are also reporting that they’ve sold out of fuel. 

The shortages spurred North Carolina Gov. Roy Cooper to declare a state of emergency on Monday to help ensure the state maintains a sufficient fuel supply.

Drivers could see shortages and price hikes as Colonial Pipeline recovers from a cyberattack.
AP

Panic buying appears to have exacerbated the limited supply. DeHaan said that across Georgia, Florida, South Carolina, North Carolina and Virginia, demand for gasoline rose more than 40 percent. 

Supermarket chain Ingles, which operates gas stations across North Carolina, South Carolina, Georgia and Tennessee, is already seeing shortages and running completely out of gas at some of its locations, CFO Ron Freeman told the Citizen Times.

At an Exxon Mobil station in Asheville, North Carolina, a clerk answered the phone with “Hello, I’m currently out of gas,” according to Bloomberg. The outlet added that another station in Manning, South Carolina, had bagged their pumps and marked them “Out of service.”

Atlanta-based RaceTrac confirmed to WSBTV-2 that some of its Georgia gas stations are already reporting temporary outages. And WBTW-TV reported lines at stations across South Carolina, from Marion and Mullins to Myrtle Beach, are growing longer as drivers scramble to stock up on gas. 

Concerns about gas shortages and images of panic buying rolled in on social media Monday night. 

North Carolina Gov. Roy Cooper declared a state of emergency over the potential gas shortages.
AP

In a meeting on Monday, Colonial’s chief executive Joseph Blount warned state officials that supply shortages could occur throughout the week as the company and the federal government work to get operations back up and running, Bloomberg reported. The outlet added that the White House said it is “monitoring supply shortages in parts of the Southeast.” 

While the company said Monday that it’s manually operating a portion of the pipeline running from North Carolina to Maryland, most of the line is still down. Colonial is working with the federal government to investigate and respond to the hacking. Commerce Secretary Gina Raimondo said Sunday that an “all-hands-on-deck” effort is underway to restore operations.

“We are working closely with the company, state and local officials to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply,” Raimondo said.

On Monday, the FBI confirmed the cyberattack was carried out by a professional gang of hackers known as “DarkSide.”

DarkSide claimed in a statement, “Our goal is to make money, and not creating problems for society.”
AFP via Getty Images

 DarkSide is known to extort cash from corporations and give a cut to charity, the Associated Press reported Sunday, citing sources familiar with the federal investigation.

In a statement reportedly posted on DarkSide’s website, the group claimed, “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

The statement, provided to CNBC by the Boston-based security company Cybereason on Monday, added: “We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives.”

The White House said it was monitoring the gas shortages in the Southeast.
REUTERS

While President Biden stopped short Monday of linking the Kremlin and DarkSide, he said that “there is evidence that the actors’ ransomware is in Russia.”

During a White House briefing, Anne Neuberger, deputy national security adviser for cyber and emerging technologies, also described DarkSide as “a criminal actor” but said that “our intelligence community is looking for any ties to any nation-state actors.

Monday, May 10, 2021

Copper price hits record high as Chile gives bulls another reason to cheer

 Copper price hit record high as Chile gives bulls another reason to cheer

SX-EW processing at Chuquicamata mine in Chile. Image from Codelco.

https://www.mining.com/copper-price-hits-record-high-as-chile-gives-bulls-another-reason-to-cheer/?utm_source=Daily_Digest&utm_medium=email&utm_campaign=MNG-DIGESTS&utm_content=copper-price-hits-record-high-as-chile-gives-bulls-another-reason-to-cheer

The world’s top copper producer Chile is giving bulls another reason to cheer while prices soared to an all-time high on Friday as optimism about a global rebound from the pandemic spurs a surge across commodities markets.

Copper for delivery in July ended the day up 3.2%, with futures trading at $4.7490 per pound ($10,470 a tonne) on the Comex market in New York.

Chile’s lower house on Thursday approved a measure that would introduce progressive taxes on copper sales, potentially creating a total burden of more than 80% — or almost double that of other major copper-producing nations.

The measure, which would go into effect in 2024, still needs to be approved by the senate and could be blocked by the government in court. But if it succeeds, it could stall investments in a country where mature low-grade deposits need plenty of expenditure just to maintain output levels of about 5.7 million tonnes a year.

Related read: As China row deepens, 1 million tonnes of Australian copper concentrate needs new buyers

“This would at the very least delay any new capacity, extending the lengthy time-line to bring on a new mine,” said Grant Sporre, an analyst at Bloomberg Intelligence.

“Chile’s output could start to fade to 5 million tonnes.”

Chile’s copper export revenue jumped 69% in April. The world’s top copper producer said it had exported $4.541 billion worth of copper in April alone.

“The copper market as it currently stands is not prepared for this demand environment”

Goldman Sachs Group

Prices are up more than 30% this year and have more than doubled from lows in March of last year.

Click here for an interactive chart of copper prices

“Given high payments to the state, some assets would be un-investable and thus it limits the pool of mines that can make adequate returns, limiting supply,” said BTG Pactual analyst Cesar Perez-Novoa.

“No mining company is going to take risks without being rewarded.”

“It’s hard to foresee copper prices turning around amid the current bullish atmosphere,” Ji Xianfei, an analyst with Guotai Junan Futures told Bloomberg.

“Macro easing, ample liquidity and a weaker dollar continue to drive the rally, while the broader commodities surge is being fueled by bets on inflation.”

Trading house Trafigura Group, Goldman Sachs, and Bank of America expect copper to extend gains.

Steel prices across Asia and North America are also booming, iron ore is at a record above $200 per tonne as miners struggle to keep up with the frenzied pace of consumption, and tin topped $30 000 for the first time in a decade.

“The copper market as it currently stands is not prepared for this demand environment,” said Goldman Sachs Group Inc.

There are a few major mines in development and none on the scale required to meet forecasts for future demand.

“We don’t have many shovel-ready projects,” said Ivan Glasenberg, billionaire CEO of Glencore Plc.

“You will need the so-called $15,000 copper price to encourage a lot of this more difficult investment.”

Risks

There’s signs emerging in China, the top consumer, that high copper prices are starting to bite and authorities have pledged to stabilize raw material prices.

China’s imports of copper ore and concentrate fell in April from the previous month, according to customs data released Friday.

Some manufacturers and end-users have been slowing production or pushing back delivery times after costs surged, Shanghai Metals Market said last week.

(With files from Reuters and Bloomberg)

U.S. government working to aid top fuel pipeline operator after cyberattack

 A logo sign outside of a Colonial Pipeline Company facility in Baltimore, Maryland.

A logo sign outside of a Colonial Pipeline Company facility in Baltimore, Maryland.
Tripplaar Kristoffer | SIPA | AP

https://www.reuters.com/business/energy/top-us-fuel-pipeline-operator-pushes-recover-cyberattack-2021-05-09/ 

The White House was working closely with top U.S. fuel pipeline operator Colonial Pipeline on Sunday to help it recover from a ransomware attack that forced the company to shut a critical fuel network supplying populous eastern states.

The attack is one of the most disruptive digital ransom schemes reported and has prompted calls from American lawmakers to strengthen protections for critical U.S. energy infrastructure from hacking attacks.

Commerce Secretary Gina Raimondo said the pipeline fix was a top priority for the Biden administration and Washington was working to avoid more severe fuel supply disruptions by helping Colonial restart as quickly as possible its more than 5,500-mile (8,850 km) pipeline network from Texas to New Jersey.

“It’s an all hands on deck effort right now,” Raimondo said on CBS’ “Face the Nation” program. “We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply.”

Colonial said on Sunday its main fuel lines remain offline but some smaller lines between terminals and delivery points are now operational. Neither Raimondo nor the company gave an estimate for a full restart date and Colonial declined further comment on Sunday.

U.S. gasoline futures jumped more than 3% to $2.217 a gallon, the highest since May 2018, as trading opened for the week and market participants reacted to the closure.

Colonial transports roughly 2.5 million barrels per day of gasoline and other fuels from refiners on the Gulf Coast to consumers in the mid-Atlantic and southeastern United States.

Its extensive pipeline network serves major U.S. airports, including Atlanta's Hartsfield Jackson Airport, the world's busiest by passenger traffic.

A Charlotte Douglas International Airport spokesperson said the airport had supply on-hand and was "monitoring the situation closely," adding that the complex is supplied by another major pipeline as well as Colonial.

Retail fuel experts including the American Automobile Association said an outage lasting several days could have significant impacts on regional fuel supplies, particularly in the southeastern United States.

During previous Colonial outages, retail prices in southeastern states have risen substantially.

Offices of governors in several of the U.S. states most vulnerable to fuel shortages - including Tennessee, Georgia and Maryland - were not immediately available for comment.

CYBERCRIMINALS SUSPECTED

While the U.S. government investigation is in the early stages, a former U.S. official and three industry sources said the hackers are suspected to be a professional cybercriminal group called DarkSide.

DarkSide is one of many ransomware gangs extorting victims while avoiding targets in post-Soviet states. The groups gain access to private networks, encrypt files using software, and often also steal data.

They demand payment to decrypt the files and increasingly ask for additional money not to publish stolen content.

In the Colonial attack, the hackers took more than 100 gigabytes of data, according to a person familiar with the incident.

As the FBI and other government agencies worked with private companies to respond, the cloud computing system the hackers used to collect the stolen data was taken offline Saturday, the person said.

Colonial's data did not appear to have been transferred from that system anywhere else, potentially limiting the hackers' leverage to extort or further embarrass the company.

Cybersecurity firm FireEye (FEYE.O) is among those dealing with the attack, industry sources said. FireEye declined to comment. Colonial said it was working with a "leading, third-party cybersecurity firm," but did not name the firm.

Messages left with the DarkSide hackers were not immediately returned. The group's dark website, where hackers regularly post data about victims, made no reference to Colonial Pipeline.

Colonial declined to comment on whether DarkSide hackers were involved in the attack, when the breach occurred or what ransom they demanded.

BIDEN BRIEFED ON HACK

President Joe Biden was briefed on the cyberattack on Saturday morning, the White House said, adding that the government was working to try to help the company restore operations and prevent supply disruptions.

U.S. Senator Bill Cassidy, a Republican from Louisiana who sits on the Energy Committee, said lawmakers are prepared to work more with privately held critical infrastructure companies to guard against cyberattacks.

"The implication for this, for our national security, cannot be overstated. And I promise you, this is something that Republicans and Democrats can work together on," he said on NBC's "Meet the Press."

Another fuel pipeline serving the same regions carries a third of what Colonial does. Any prolonged outage would require tankers to transport fuels from the U.S. Gulf Coast to East Coast ports.

The Federal Motor Carrier Safety Administration is issuing a temporary hours of service exemption to truckers transporting refined products to 17 southern and east coast states including Alabama, Delaware, Florida, Georgia, New Jersey and New York.

Complicating the fallback plans, according to one industry source familiar with the federal response, was that the ranks of fuel-truck drivers for the main road transportation companies, which could pick up some of the pipeline volume, are down by 25% or more because of coronavirus infections.

Oil refining companies contacted by Reuters over the weekend said their operations had not yet been impacted. Some were working to find alternative transport for customers.

The privately held, Georgia-based company is owned by CDPQ Colonial Partners L.P., IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors L.P., Koch Capital Investments Company LLC and Shell Midstream Operating LLC.