Colonial Pipeline paid nearly $5 million in ransom

How is it more complicated? If the valves are computer controlled, remove the motor/actuator and manually control it until the security hole is patched. If its about flow rate and customers, I'm sure a skilled engineer can find a work around using a solarcell, cell phone, raspberry pi and a rubber band

a reply to: CriticalStinker

The threat happened on DOMESTIC TERRITORY Fool ...

They ahve resources for nonsense. but can't protect domestic infastructure ?

Give me a break ... You start with problems at HOME ...

You start with ROOT CAUSES which is systems connected ONLINE ..

You have to start at automatated OFFLINE operations soon as triggers are LIT from a online attack.

This isn't rocket science. Problem is we have people with simpleton mentality like yours working in high offices who are CLUELESS

a reply to: lordcomac
You forgot step 6. still leave yourself open to future blackmail.

a reply to: CharlesT

Guess who is actually paying that $5mil....us.

More evidence this was a scripted false flag event 😎

a reply to: seedofchucky

Once again, it's a private corporation. They're responsible for their own cybersecurity.

originally posted by: Xcalibur254
a reply to: seedofchucky

Once again, it's a private corporation. They're responsible for their own cybersecurity.

This is the mentality that will get us more of these hacks and supply issues ...

NASCAR is a private corporation yet we sent FBI agents...

They dont' have their own security ?

Oh i got it !! Its only a private corporation if it fits the AGENDA ... Then we gotta keep hands off


Did i get your mentality right ? That's how it works right ?

originally posted by: CriticalStinker
a reply to: seedofchucky

FBI has resources for "wHiTe SuPrEMAcIsTs"
FBI has resources for Fake hate crimes
FBI has resources to chase woman in Alaska for laptops
FBI has resources to find trump supporters

FBI is domestic.

That's why I brought up interpol as well, and we can add the CIA if we're being honest.

The FBI has offices in dozens of U.S. Embassies and they work with foreign governments incl Russia 😎

originally posted by: CharlesT
So Biden didn't get involved in the Colonial pipeline ransomware attack and left them to fend for themselves.
They ended up paying the ransom of $5 million opening the door wide open for more of this kind of attack.
Who will be next?

www.marketwatch.com...
Colonial Pipeline paid Eastern European hackers nearly $5 million in an untraceable cryptocurrency last week in response to a ransomware attack, Bloomberg reported Thursday, citing people familiar with the transaction. A Colonial spokesman didn't immediately respond to a request for comment on the report.

I'll be... I thought they didn't fold. I thought they got some IT guys in there to get them out of their situation. This isn't good, and it sets a bad precedent.

a reply to: seedofchucky

My understanding is the company operates on an intranet like infrastructure.

So it's an airgapped hybrid. They're going to have some level of state to state communication.

Now, even if a system is internal and not connected to the open web as we understand it, that doesn't fully protect an infrastructure like a true airgap.

There are ways of getting malware into a closed loop, see stuxnet.

You're just screaming at me about the federal government should have prevented this without really saying how.

Yes, I do understand how all this works. What I don't understand is how just proclaiming the fed should do more is actually helpful. I like how you said another member must be a Democrat... Well isn't it the right who says the government is generally incompetent? That we shouldn't rely on them for everything? Because that's something I agree with.

Now, obviously that doesn't mean there should be no presence by different agencies in the capacity of monitoring, preventing, and investigating attacks (which are happening every second of every day, look at DDOS attack maps).

This isn't new, this has been going on for years, you must be daft if you don't think otherwise. Did we blame the sitting president on the FedEx ransomware? How about multiple localities? Go look at the number of attacks and time-line darkside has taken credit for, and know they're not alone.

This isn't a non issue, but I'm not seeing any solutions,l offered, just seething and random words in caps.

originally posted by: trollz
Great, now we can look forward to more ransomware attacks against our infrastructure and critical businesses. That's why you don't pay ransom - as soon as you do, everyone else wants their chance at becoming instantly rich. An oil shortage was bad enough, but what happens when there's no electricity?

Good point... Our power grid hasn't been updated since what, the 50's? I've heard it was the easiest thing to hack into.

a reply to: Xtrozero


So what happens when they shut down the electric grid? You gonna stick a windmill on the roof?

originally posted by: CriticalStinker

originally posted by: panoz77
a reply to: CriticalStinker

It was an act of war. Special ops know how to handle these situations.

I know for a fact we have special ops who are armed with computers instead of guns doing similar things.

Do we know if dark side is state sponsored or a rogue actor? If it's a rogue actor, conventional warfare isn't an (wise) option.

There's a lot of unknowns with this.

But if I had to speculate, hitting them at their own game, cyber warfare, is likely the measured response needed. Hack the group, pillage and dox.

it seems you have answered your own question. He needs to DO SOMETHING. We have options, we have help, it's time to use some of that and investigate this, then stop this group. They will continue doing this until they are stopped.

So much for "we dont negotiate with terrorists". Whats the gubments number one job in life....protects its citizens maybe????

This admin gets an F-minus so far.

Now offer a $15 million bounty on those responsible. I'm sure some Russian gang would take you up on that.

originally posted by: CriticalStinker
a reply to: CharlesT

This isn't the first time a ransom has been paid.

Local governments have been ransomwared and found paying is cheaper than a cleanse.

What do we expect the federal government to do in these circumstances?

Subsidize cost? Regulate? Provide IT infrastructure?

Does them not intervening mean no FBI and interpol investigation? I doubt it.

To be clear, Biden is a sh** placeholder, but I am genuinely curious on what we expect a president to do in this situation.

This is true. The industry standard is to pay. I say this as a certified cyber security analyst with over a decade in healthcare IT. They almost ALWAYS pay. Only time they don't is if they have had the foresight to actually invest in their IT departments and are on top of their backups. The big companies/corps just don't like that headline so they try to keep it secret. They all have BTC wallets with money waiting for when, not if.

originally posted by: Xcalibur254
a reply to: seedofchucky

What exactly are the FBI, the CIA, or thr military going to do? Do you want us to start launching attacks on citizens of foreign countries because they may hack a private corporation?

You're right of course.

So that program to replace law enforcement with social workers....maybe we can extend that to our intelligence and national defense agencies?

From our recent viewing of the CIA propaganda film posted here, looks like they're well on their way.

a reply to: CharlesT

Biden says he had no idea a ransom was paid.

Well blow me away!: www.foxbusiness.com...

originally posted by: network dude

originally posted by: CriticalStinker

originally posted by: panoz77
a reply to: CriticalStinker

It was an act of war. Special ops know how to handle these situations.

I know for a fact we have special ops who are armed with computers instead of guns doing similar things.

Do we know if dark side is state sponsored or a rogue actor? If it's a rogue actor, conventional warfare isn't an (wise) option.

There's a lot of unknowns with this.

But if I had to speculate, hitting them at their own game, cyber warfare, is likely the measured response needed. Hack the group, pillage and dox.

it seems you have answered your own question. He needs to DO SOMETHING. We have options, we have help, it's time to use some of that and investigate this, then stop this group. They will continue doing this until they are stopped.

We've gotten into Russia's eletric grid and left code for them to find so they saw we were there.

So I know it's been done, and it can likely be done to a similar extent again.

But the question here is again, was this state sanctioned.

I never bought into Russia directly aligning with Trump, but I do however humor them trying to sew discord within America. So I think we should tread carefully. That's not to say we don't react/respond.... But how we discuss this as citizens is important. And I don't think instantly putting issues in partisan context before they're allowed to be discussed is the wisest approach for us as a nation.

I find it odd that everything is political, including things that effect us all.

a reply to: seedofchucky

So the FBI should've gone in before anything happened?

As we've seen time and time again, once the ransomware is in a system it's easier to just pay the ransom before it gets too high and countless dollars have been spent getting to get rid of it.

At the end of the day the FBI is an investigative department (it's right there in the name.) We know who did this. Unfortunately we have no jurisdiction to arrest them. So there's not much the FBI can do at this point.