Picture: KACPER PEMPEL/REUTERS
Picture: KACPER PEMPEL/REUTERS

The ransomware crisis continues, this time with an attack on a pipeline that carries almost half of the US east coast’s petrol, diesel and other fuels. Colonial Pipeline’s IT services were reportedly breached by an Eastern Europe-based criminal collective called DarkSide. The company responded by shutting down the pipeline itself, partly out of caution that the attackers could have gained access and partly out of necessity: it is impossible to invoice customers when your business network is locked down pending payment to a gang of hackers.

The US transportation department has temporarily relaxed regulations to prevent a supply shortage, and Colonial says it hopes to be “substantially” back online by the end of the week. This may, in other words, end up far from a catastrophe. Yet that says nothing about the damage the next incursion could do. And incursions will continue until Congress and the White House do something to stop them.

Ransomware response remains paramount, whether that has to do with helping victims restore access and weather the cost of the downtime, or discouraging payments to perpetrators, who will keep striking as long as it’s profitable. There’s also a need for regulations that keep critical infrastructure safer from the start.

President Joe Biden is expected to issue an executive order mandating minimum cybersecurity requirements for federal contractors. But it’s up to Congress to impose similar requirements on those outside the chain of procurement who operate critical infrastructure. In the modern economy it can prove impossible to isolate that infrastructure from the internet entirely, so potential targets must protect themselves as best they can. 

Finally, targets can’t defend themselves on their own. National governments must minimise what these criminals can earn, but also increase the price they pay for their sabotage. Designating ransomware a national security threat would allow for the necessary intelligence resources to go towards rooting out syndicates. That could also deter hackers from going after sensitive targets.

DarkSide said in a news release that “our goal is to make money ... not create problems for society”; maybe the gang is getting nervous about a possible national response. A new designation would make it easier for authorities to impose appropriate punishment, such as asset forfeiture against bad actors and sanctions against countries that harbour them. /Washington, May 10.

Washington Post

subscribe

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.