The US FBI confirmed yesterday that the DarkSide ransomware gang was indeed responsible for the ransomware attack on Colonial Pipeline. President Biden, while stopping short of calling out the Russian government as having directed the attack, did say that Moscow bore some level of unspecified responsibility. “So far there is no evidence from our intelligence people that Russia is involved,” the President said yesterday, as quoted in the Washington Post. “Although there is some evidence that the actors’ ransomware is in Russia. They have some responsibility to deal with this.”
Amid reports of spiking fuel prices in parts of the Eastern US, the US Administration also sought to ease concerns about fuel costs, the Washington Post reports. Officials also shared their hope that Colonial Pipeline might be able to substantially restore service by week's end. Colonial is said to have been able to restore some service, but recovery remains in progress.
Colonial Pipeline's corporate website was inaccessible early this morning.
Yesterday's CyberWire Daily Podcast included an interview on the Colonial Pipeline ransomware incident with ICS security expert Sergio Caltagirone, of Dragos. See our continuing coverage of this incident on our website.