Tag Archive for: decision

Colonial Pipeline CEO tells Senate decision to pay hackers was made quickly


Colonial Pipeline CEO Joseph Blount said Tuesday that his company paid hackers a $4.4 million ransom a day after discovering malware on its systems in early May. The company also hired outside consultants to handle negotiations with the hackers, who were paid in the bitcoin cryptocurrency.



a close up of a sign: Colonial Pipeline was the target of a ransomware attack that forced it to shut down operations. Jim Watson/Getty Images


© Provided by CNET
Colonial Pipeline was the target of a ransomware attack that forced it to shut down operations. Jim Watson/Getty Images

Blount, who was testifying before the Senate Committee on Homeland Security and Governmental Affairs, said the decision to pay the ransom on May 8 was made by the company itself. Federal authorities, however, were notified of the hack within hours of its discovery. 

Loading...

Load Error

“I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible,” Blount said. “I kept the information closely held because we were concerned about operational safety and security, and we wanted to stay focused on getting the pipeline back up and running.”

The testimony comes a day after the FBI said it had recovered millions of dollars in bitcoin paid to the DarkSide ransomware gang, which attacked the pipeline last month, prompting a shutdown of the East Coast’s main fuel-supply artery. The stoppage led to gasoline hoarding and soaring prices as motorists filled tanks amid uncertainty about supplies.

On Monday, the DOJ said it seized 63.7 bitcoins valued at a total of about $2.3 million, part of the ransom demanded by DarkSide. The criminal enterprise, which has since said it disbanded, is thought to be based in Russia.

The hack promoted the government to issue new cybersecurity regulations for operators of pipelines. The new security directive, issued by the DHS Transportation Security Administration, requires critical pipeline companies to report confirmed and potential cyberattacks to the US Cybersecurity and Infrastructure Security Agency. The directive also requires pipeline companies to undertake a review of their current security practices to identify any risks or gaps. Companies must report results of these reviews to the TSA and CISA within 30 days.

America’s energy crisis: How the…

Source…

Cyber warfare threatens to take over UK’s Armed Forces as Boris makes ‘bold decision’ – Express

  1. Cyber warfare threatens to take over UK’s Armed Forces as Boris makes ‘bold decision’  Express
  2. British Army tanks ‘could be scrapped to make way for cyber-warfare’  Metro.co.uk
  3. Military chiefs could SCRAP British Army’s tanks in move to prioritise cyberwarfare  The Sun
  4. The British Army could scrap all its TANKS under a cost-cutting and modernisation plan  Daily Mail
  5. Army could ‘scrap all of its tanks to focus on cyberwarfare threats’  Daily Star
  6. View Full Coverage on read more

“cyber warfare news” – read more

AT&T sued by Sprint, must defend decision to tell users that 4G is “5G E”

Screenshot from an AT&T commercial showing text that reads,

Enlarge / Screenshot from an AT&T commercial. (credit: AT&T)

Sprint is suing AT&T, alleging that AT&T’s misleading “5G E” advertising campaign violates laws prohibiting false advertising and deceptive acts and practices.

AT&T renamed a large portion of its 4G network, calling it “5G E,” for “5G Evolution.” But as we’ve written, what AT&T calls 5G E consists of technologies that are part of the years-old 4G LTE-Advanced standard and are already used by Verizon, T-Mobile, and Sprint on their 4G networks. Despite that, AT&T has been advertising this supposed upgrade to 5G E and even changing network indicators on smartphones from 4G to 5G E.

“By making the false claim that it is offering a 5G wireless network where it offers only a 4G LTE Advanced network, AT&T is attempting to secure an unfair advantage in the saturated wireless market,” Sprint wrote in a complaint filed yesterday in US District Court for the Southern District of New York. “AT&T’s false and misleading statements deceive consumers into believing that AT&T now operates a 5G wireless network and, through this deception, AT&T seeks to induce consumers to purchase or renew AT&T’s services when they might otherwise have purchased Sprint’s services.”

Read 15 remaining paragraphs | Comments

Biz & IT – Ars Technica

Freshmenu fails to inform users of data breach; firm’s decision not fully unreasonable, say experts

  1. Freshmenu fails to inform users of data breach; firm’s decision not fully unreasonable, say experts  Economic Times
  2. Freshmenu fails to inform users of data breach; experts say decision not fully unreasonable  ETtech.com
  3. Full coverage

data breach – read more