Weekly Intelligence Summary 14 May

Colonial Pipeline Company fell victim to a cyber attack that resulted in 5,500 miles of its US fuel pipelines being shut down, causing public distress and fears of fuel shortages. The attack was attributed to the ransomware group “DarkSide”, but was likely conducted by one of its affiliates. The group responded quickly to the attack, claiming that DarkSide’s only motive is financial gain, and that they do not want to create problems for society. They also announced that the group will begin approving or denying encryption of any companies the group’s affiliates want to target, to avoid future social consequences. Regardless of such efforts to distance the group from the attack, the consequences could be significant for DarkSide; the involvement of US government agencies and law enforcement will likely add pressure to the group’s operations, and the arrest of DarkSide’s members and/or the responsible affiliate is a realistic possibility.