BREAKING NEWS
This content is not available in your region

Russia denies role in cyberattack on US's biggest gasoline pipeline

Access to the comments Comments
Colonial Pipeline storage tanks are seen in Woodbridge, New Jersey on Monday, 10 May, 2021. The company has been hit by a major cyberattack.
Colonial Pipeline storage tanks are seen in Woodbridge, New Jersey on Monday, 10 May, 2021. The company has been hit by a major cyberattack.   -   Copyright  AP Photo/Seth Wenig
Text size Aa Aa

Russia's embassy in the US has denied having any involvement in a cyberattack that has caused major disruption for America's biggest gasoline pipeline.

The Colonial Pipeline was targeted in the ransomware attack over the weekend, leaving the company unlikely to be able to return to full services until at least the end of the week.

On Monday, the US Federal Bureau of Investigations (FBI) said they had identified a criminal gang known as DarkSide, which some researchers believe to be based in Russia, as being behind the cyberextortion effort.

During a speech on Monday, President Joe Biden said that while there was "so far" no evidence of the Kremlin's involvement, he believes the Russian government should take "some responsibility" in dealing with the incident amid "evidence that the actors' ransomware is in Russia".

The US leader said he planned to discuss the issue directly with Russian President Vladimir Putin.

No evidence of Kremlin's involvement

While Biden made clear there is no evidence of Russia's involvement in the attack, on Tuesday, the country's embassy in the US sought to snuff out any speculation.

In a statement published on Facebook on Tuesday, the embassy said it had noticed "attempts of some media to accuse Russia of a cyber-attack on Colonial Pipeline".

"We categorically reject the baseless fabrications of individual journalists and reiterate that Russia does not conduct 'malicious' activity in the virtual space," it said.

? Ответ Посольства Российской Федерации в Соединенных Штатах Америки на вопрос СМИ относительно кибератаки на Colonial...

Posted by Embassy of Russia in the USA / Посольство России в США on Monday, May 10, 2021

Euronews has contacted the embassy for further comment.

What is DarkSide?

According to Boston-based cybersecurity technology firm Cybereason, DarkSide is a "relatively new ransomware strain" that first made its appearance in August 2020.

The ransomware follows a "double extortion trend", meaning that the group not only encrypts the user's data but first extracts it and threatens to make it public if a ransom demand is not paid.

In the wake of the ransomware attack, the criminal group itself has issued a statement asserting that it has no interest in "geopolitics".

"We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives (sic)," the group said in a statement.

"Our goal is to make money, and not creating problems for society," it said.

The group said it was also introducing checks to moderate the companies that its partners could attack to "avoid social consequences in the future".

How Biden responded

The shutdown of the pipeline, which delivers about 45 per cent of the East Coast's gas, caused a supply crunch and spiking prices.

The administration took a variety of steps to address the gasoline situation. The Department of Homeland Security issued a temporary waiver of a federal law overseeing maritime commerce to an individual company, not identified by the department, to allow the transport of additional gas and jet fuel between Gulf Coast and East Coast ports.

The Transportation Department was surveying how many vessels could carry fossil fuels to the Gulf of Mexico and Eastern Seaboard to provide gasoline. Waivers were issued to expand the hours that fuel can be transported by roadways. The Environmental Protection Agency issued waivers on gas blends and other regulations to ease any supply challenges.

Hours before the pipeline was restarted on Wednesday, Biden stressed that the White House has been "in very, very close contact with Colonial Pipeline".

“I think you’re going to hear some good news in the next 24 hours and I think we’ll be getting that under control," he added.

He followed up later with an executive order to improve cybersecurity, seizing the shutdown as an argument for approving the president's $2.3 trillion (€1.9 trillion) infrastructure package.

He is expected to make further remarks on the pipeline on Thursday.

Transportation Secretary Pete Buttigieg said the cyberattack was a reminder that infrastructure is a national security issue and investments for greater resilience are needed.

“This is not an extra, this is not a luxury, this is not an option,” Buttigieg told reporters at the White House on Wednesday. “This has to be core to how we secure critical infrastructure.”