Security News > 2021 > May > Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags

In the wake of the DarkSide cyberattack, President Biden signed an executive order Wednesday aimed at bolstering the federal government's cyber defenses as the administration juggles a number of digital attacks including SolarWinds and last week's ransomware incident against a major fuel pipeline causing lasting gas shortages.

As of 5 p.m. on Wednesday evening, Colonial was sputtering back to life after closing the fuel faucet to the eastern and southern U.S.; the FBI and the Cybersecurity and Infrastructure Security Agency had issued a joint advisory about the threat actor - DarkSide - that mugged the company; and five affiliated crooks that rent DarkSide ransomware had been fingered by Mandiant FireEye.

In a joint advisory, CISA and the FBI said that DarkSide affiliates leveraging DarkSide have recently been targeting organizations in industries including manufacturing, legal, insurance, healthcare, and energy.

Mandiant FireEye released a new report on DarkSide that detailed three groups of affiliate threat actors that the firm has been tracking.

FireEye said that the creators of DarkSide and their affiliates have affected organizations in 15+ countries and multiple industries, pulling the double-extortion gambit of exfiltrating victim data, deploying the DarkSide ransomware, and then threatening to publish the stolen data to their blog in order to pressure victims into paying the ransom.

DarkSide Is Raking It In. While the country recovers from the attack and cybersecurity researchers dissect DarkSide, DarkSide itself must surely be laughing all the way to the bank.

News URL

https://threatpost.com/pipeline-biden-darkside-gas-bags/166112/