While a major U.S. pipeline was temporarily crippled due to a cyberattack by a “ransomware as a service” provider known as DarkSide, authorities, government officials, and private companies have yet to coordinate their efforts and create the necessary precautions needed to prevent even larger future attacks from happening, reports Axios. Currently, companies’ main strategy is to pay up if hit — and to try to be slightly less vulnerable to attack than their competitors. A report on combating ransomware from the Institute for Security + Technology says that any fight to improve security will require the active involvement of the National Security Council as well as much more regulation of cryptocurrency, which is regularly used to pay the ransom.
Meanwhile, Reuters reports that the FBI has been tracking the cyberhacking group blamed in the attack, DarkSide, since at least October, and the U.S. intelligence community is investigating whether the Colonial Pipeline hackers have ties to the Russian government or other nation states while they also consider offering advice on whether private companies that are hacked should pay the ransoms. Critics including the U.S. Conference of Mayors and many security industry veterans contend that paying ransom just encourages attacks, and the U.S. Treasury said in October that facilitating ransomware payments to sanctioned hackers may be illegal. BloombergLaw reports that gas stations along the U.S. East Coast are beginning to run out of fuel as Colonial Pipeline, North America’s biggest petroleum pipeline, races to recover from the paralyzing cyberattack that has kept it shut for days. The U.S. East Coast is losing around 1.2 million barrels a day of gasoline supply due to the disruption. Shortages are also hitting the aviation industry and come just as the nation’s energy industry was preparing to meet stronger fuel demand from summer travel.