Tag Archive for: Colonial

Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group


Earlier today, the RANSOMEDVC ransomware group claimed to have breached the Colonial Pipeline company and leaked 5GB of data, including internal files and photos.

The infamous RANSOMEDVC ransomware group has declared that they successfully infiltrated Colonial Pipeline, the American company operating a significant pipeline system that transports over 100 million gallons of various petroleum products, including gasoline, diesel fuel, and jet fuel, on a daily basis.

What the RANSOMEDVC ransomware group published on their dark web blog (Image credit: Hackread.com)

These latest claims from the RANSOMEDVC group surfaced through posts on their dark web blog. The group also shared their claims via their recently launched Telegram channel and their X (previously Twitter) account. It’s worth noting that RANSOMEDVC is the same group that claimed to have breached Sony Corporation in September 2024.

In correspondence with Hackread.com, the group disclosed that Colonial Pipeline had apparently refused to pay any ransom. However, they did not disclose the size of the alleged stolen data or the ransom amount demanded from the company.

Additionally, RANSOMEDVC publicly shared a file containing 5GB of data, claiming it belongs to Colonial Pipeline. Hackread.com has examined and analyzed this data. While it’s premature to draw definitive conclusions, the files and folders appear to contain a wealth of information, including diagrams, internal documents, leak detection policies, ICS and SCADA-related presentations, as well as photos of employees handling electronic equipment, among other things.

Notably, the photos of employees reveal that their desks feature a “Weekly Status Report” with the Colonial Pipeline logo.

From the leaked files (Image credit: Hackread.com)

However, in an exclusive statement to Hackread.com, Colonial Pipeline has rejected the claims made by the RANSOMEDVC ransomware group and linked the leaked files to “a third-party data breach unrelated to Colonial Pipeline.”

Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party. After working with our…


Black Hat: We Should Have Seen The Colonial Ransomware Attack Coming


Few need to be reminded of the fears that the Colonial Pipeline hack caused in May of 2021, in which airlines scrambled to keep their planes fueled for long-haul flights and Americans across the eastern seaboard panic-bought gas in expectation of supply disruptions.

The severity of the Colonial Pipeline attack was a wake-up call for cybersecurity industry leaders, government officials and the media. But speaking at the Black Hat Briefings conference last week, Kim Zetter, an award-winning cybersecurity journalist, said that the private sector and the federal government should have seen the attack coming.


Zetter, whose 2015 book Countdown to Zero Day provided the most thorough accounting to date of the Stuxnet worm attack on Iran’s nuclear enrichment facility at Natanz, used a keynote speech at this week’s Black Hat Briefings in Las Vegas to declare the Colonial Pipeline hack “foreseeable,” pointing to countless warnings given by government entities and cybersecurity experts on the high probability of attackers targeting these entities. 


25 years of alarms on critical infrastructure cyber risk

And many of those warnings are not of recent vintage. For example, Zetter cited a 1997 warning by U.S. Federal Government officials about possible cyber attacks on critical infrastructure. In October of 1997, President Clinton’s Commission on Critical Infrastructure Protection emphasized the “increasing vulnerability of control systems to cyber attacks.” The Chairman of this same Commission wrote to the President in their report that the “capability to do harm–particularly through information networks–is real (…) and we have little defense against it.” 

Colonial’s cybersecurity is the norm, not the exception

Despite that, the state of America’s critical infrastructure has not changed drastically over the past two decades, with the American Society of Civil Engineers giving America’s critical infrastructure a “C-” grade in 2021. The capabilities of cybercriminals have improved as a result of vast advancements made in technology generally. What hasn’t changed over the years is these same criminals’ desire to target CI entities.

In fact, there…


Colonial Pipeline attacks of 2021 (Cyber Sandtable).


This past weekend in northern Virginia, we had glorious weather. My wife Kathy and I took the opportunity to do a little antiquing (actually, she did the antiquing and I mostly drove and napped in the car). As I parked near the “Roaches In the Attic Antiques shop,” one of Kathy’s favorites, I just happened to notice on the GPS that we were very close to something called the Colonial Pipeline Dulles Junction. 

Yes, that Colonial Pipeline; the energy conduit that gave us all so much trouble back in 2021 when cyber criminals extorted Colonial Pipeline, the company, with ransomware, and the company leadership shut down their gas distribution pipeline just to be safe. I gave Kathy my go-to look (with over 35 years of marriage practice) that said, “We just gotta go see it.” She returned the favor with her own steely gaze, complete with an eye roll, that signified that I could do whatever I wanted as long as I was back by noon to take her to lunch. With permission in hand, I set off to see if I could find anything interesting.

I don’t know what I was expecting, but there wasn’t much to look at. It’s pretty small, a tad tinier than your typical house plot, situated between two neighborhoods near Dulles International Airport and sitting alongside the Horsepen Run Stream Valley Park. The space is flat and surrounded by a six-foot-high fence. Inside the perimeter, on the left side, is a silver gas pipe, 32 inches in diameter, that protrudes from the ground for maybe 15 horizontal feet and then sinks back into the dirt to continue its journey to Baltimore. This line, Line 4, moves roughly 700,000 barrels of gas per day from Greensboro, North Carolina to Baltimore, Maryland.

It’s one of the many connecting points for the Colonial Pipeline system and is part of the largest pipeline in the United States. The entire system can carry roughly three million barrels of fuel a day over 5,500 miles from Houston to New York. It connects directly to several major airports, including Atlanta, Nashville, Charlotte, Greensboro, Raleigh-Durham, Dulles, and Baltimore-Washington. In other words, this is how your airports on the East Coast get their jet fuel.

When you think of the…


Transportation Proposes Near $1M Fine for Colonial Pipeline One Year After Hack



The Department of Homeland Security also noted the anniversary of the attack with …
