Gas prices hit highest level since 2014 after Colonial Pipeline hack

US gas prices surge to seven-year high on fifth day of DarkSide cyber shutdown of Colonial Pipeline: Fuel distributors warn of ‘catastrophic’ shortages as Putin denies link to hackers

  • The national average for retail gasoline prices was at $2.985 as of Tuesday, which is the highest in seven years 
  • The last time average gas prices were above $2.99 was back in November 2014 
  • Colonial Pipeline has said it is trying to ‘substantially’ restore operations by the end of the week but reports of gas shortages are already emerging 
  • Fears of a looming shortage have already prompted panic buying with gas stations in various cities already running out of fuel or restricting sales
  • Motorists were also lining up in Florida, North Carolina, Georgia and Virginia
  • The 5,500 pipeline, which runs from Texas to New Jersey and transports 45% of the East Coast’s supply, shut down five days ago following the ransomware hack
  • The FBI has confirmed that DarkSide, a Russian hacking outfit made up of ransomware veterans, was responsible for the attack 
  • Colonial, which is based in Atlanta, Georgia, has not yet said whether it has already paid or is negotiating a ransom with the hackers 
  • Russian President Vladimir Putin on Tuesday denied any involvement 

Gas prices have spiked to a seven-year high after Colonial Pipeline was forced to shut off the nation’s biggest fuel pipeline in the wake of a cyberattack as some fuel distributors warned of ‘catastrophic’ shortages across the South and Northeast. 

The national average for retail gasoline prices was at $2.985 as of Tuesday, according to the American Automobile Association. The last time the average gas prices were above $2.99 was back in November 2014.

Colonial Pipeline has said it is trying to ‘substantially’ restore operations by the end of the week but reports of gas shortages and panic buying are already emerging with motorists lining up from Florida to Virginia for fuel.

The 5,500 mile pipeline, which runs from Texas to New Jersey and transports 45 percent of the East Coast’s fuel supply, shut down five days ago following the ransomware hack. 

The FBI has confirmed that DarkSide, a Russian hacking outfit made up of ransomware veterans, was responsible for the attack. 

Russian President Vladimir Putin on Tuesday denied any involvement. His spokesman said: ‘Russia has nothing to do with these hacker attacks, and had nothing to do with the previous hacker attacks. We categorically do not accept any accusations against us.’ 

Colonial, which is based in Atlanta, Georgia, hasn’t said whether it has already paid or is negotiating a ransom with the hackers. 

The White House earlier declined to say whether companies that are hacked like Colonial should pay ransom to their attackers, saying instead that it was typically a ‘private sector decision’ – a move that has since been condemned by cybersecurity experts.

Meanwhile, as the shutdown entered its fifth day, a Maryland fuel distributor warned there would be ‘catastrophic’ shortages in the coming days given Colonial has only managed to restore some services in the wake of the hack. 

Colonial Pipeline said it was working to ‘substantially’ resume operations by the end of this week but reports of gas shortages are already emerging up and down the East Coast as motorists were spotted lining up in Atlanta on Tuesday morning

As the shutdown entered its fifth day, dozens of motorists lined up in Atlanta, Georgia for gas on Tuesday amid shortages due to the Colonial shut down 

The national average for retail gasoline prices was at $2.985 as of Tuesday, according to the American Automobile Association. The last time the average gas prices were above $2.99 was back in November 2014

The attack on Colonial Pipeline, which runs from Texas to New Jersey and transports 45 percent of the East Coast’s fuel supply, is the largest assault on US energy infrastructure in history and has sent shockwaves across the industry

‘It’s going to be catastrophic,’ John Patrick, chief operating officer of Liberty Petroleum LLC, told Bloomberg. 

‘Governors should declare a state of emergency and ask people chasing tanker trucks to gas stations to stay home. School buses stay put.’ 

North Carolina Governor Roy Cooper issued an emergency declaration in his state on Monday to help people prepare for possible shortages. 

Fears of a looming shortage have already prompted panic buying with gas stations in various cities already running out of fuel or restricting sales.

Motorists were also lining for hours across Florida, North Carolina, Georgia and Virginia.

American Airlines has also been forced to add refuel stops to two long haul flights from its Charlotte, North Carolina hub as a likely effort to conserve fuel in areas where it could run short.

The AAA had already warned that gasoline prices could spike three to seven cents per gallon this week and said that there also could be ‘limited fuel availability’ in places. 

‘This shutdown will have implications on both gasoline supply and price, but the impact will vary regionally,’ an AAA spokesperson said. 

‘Areas including Mississippi, Tennessee and the East Coast from Georgia into Delaware are most likely to experience limited fuel availability and prices increases as early as this week.

‘These states may see prices increase three to seven cents this week.’  

On the streets, motorists in Atlanta were reporting having to go to three different gas stations to fill up.

‘Gas stations around Atlanta are running out of gas and the ones that have it are hiking up the prices,’ said one man on Twitter.

Another said: ‘Y’all better go and fill up on gas Atlanta. I finally got gas after trying at 3 gas stations.’

A third man said: ‘I went to three gas stations and they were out of gas. Hope to make it to one with gas before my car stop.’    

Long lines of cars were spotted awaiting for gas at a Costco in Atlanta, Georgia on Tuesday morning

Colonial said it was working to ‘substantially’ resume operations by the end of this week but reports of gas shortages are already emerging up and down the East Coast, Pictured above is a gas station in Atlanta

As the shutdown entered its fifth day, motorists lined up across the South for gas. Pictured above is a gas station in Smyrna, Georgia on Monday

Drivers in Asheville, North Carolina, posted photos of long lines waiting to fill up their cars

Gas stations from Florida to Virginia have closed their pumps and a state of emergency has been declared by the governor of North Carolina after Colonial Pipeline was forced to shut off the nation’s big fuel pipeline when it was hacked

The American Automobile Association is predicting that gas prices will only surge as a result of the shutdown after the national gas price average jumped six cents to $2.9. Pictured above is a gas station in Atlanta on Monday

DarkSide: The Russian hacking outfit behind the Colonial Pipeline attack is given free rein by the Kremlin to target Western countries 

The cyberextortion attack that forced the shutdown of America’s largest fuel pipeline was carried out by a criminal gang known as DarkSide that is believed to based out of Russia where they are given free rein to target Western countries.

DarkSide is made up of veteran cybercriminals but insists it is not political. Like many others, however, DarkSide seems to spare Russian, Kazakh and Ukrainian-speaking companies, which does suggest a link to Russia.

Ransomware rackets are now dominated by Russian-speaking cybercriminals who are shielded – and sometimes employed – by Russian intelligence agencies, according to US officials.

Cyber experts say Russia gives free rein to hackers who target the US and European countries.

DarkSide has already boasted that it has been paid millions of dollars in ransom from 80 companies across the US and Europe.

‘Whether they work for the state or not is increasingly irrelevant, given Russia’s obvious policy of harboring and tolerating cybercrime,’ Dmitri Alperovitch, a former CTO of CrowdStrike, told NBC of DarkSide’s recent hacking.

The FBI on Monday confirmed that DarkSide was responsible for the attack on Colonial Pipeline that has experts fearing widespread gas shortages and significant price hikes. The federal agency did not mention DarkSide’s ties to Russia.

The US last month slapped sanctions on Russia for malign activities including state-backed hacking. The Treasury Department said Russian intelligence has enabled ransomware attacks by cultivating and co-opting criminal hackers and giving them safe harbor.

DarkSide, which cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, said in a statement posted on the dark web that their only goal was to ‘make money’ and not create problems for society.

‘We are apolitical, we do not participate in geopolitics,’ the statement read. ‘Our goal is to make money and not creating problems for society.’

‘From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.’

Despite only emerging in August last year, DarkSide appears to be very organized, experts say.

Those who have tracked DarkSide said it appears to be composed of veteran cybercriminals who are focused on squeezing out as much money as they can from their targets.

‘They’re very new but they’re very organized,’ Lior Div, the chief executive of Boston-based security firm Cybereason, said. ‘It looks like someone who’s been there, done that.’

DarkSide is one of a number of increasingly professionalized groups of digital extortionists, with a mailing list, a press center and a victim hotline to help facilitate ransom payments.

Experts say DarkSide was likely composed of ransomware veterans and that it came out of nowhere in the middle of last year and immediately unleashed a digital crimewave.

DarkSide’s site on the dark web hints at their hackers’ past crimes with claims they previously made millions from extortion and that just because their software was new ‘that does not mean that we have no experience and we came from nowhere’.

The site also features a Hall of Shame-style gallery of leaked data from victims who haven’t paid up. It advertises stolen documents from more than 80 companies across the US and Europe.

One of the more recent victims featured on its list was Georgia-based rugmaker Dixie Group Inc, which publicly disclosed a digital shakedown attempt affecting ‘portions of its information technology systems’ last month.

DarkSide has previously targeted Enterprise rental cars, Canadian real estate firm Brookfield Residential and an Office Depot subsidiary called CompuCom.

The group has a supposed code of conduct intended to spin the group as reliable, if ruthless, business partners.

They have publicly stated that they prefer not to attack hospitals, schools, non-profits, and governments. They instead go after big organizations that can afford to pay large ransoms and claims to donates a portion of its take to charity.

The group has posted receipts from donations it claims it has made to US charities in the wake of ransom attacks.

In North Carolina, a reporter with WLOS spoke to a cashier at a gas station in Robbinsville, whose pumps were dry.

‘Clerk said manager told her it could be five days before they have gas again. Says phone has been ringing off the hook of people calling around to find gas,’ the reporter tweeted.

Florida resident Katina Willey told Reuters she went to five gas stations before she found one that had fuel available.

‘There were lines at three of the five stations I tried,’ she said. Other motorists said they were seeking to fill up for fear the situation could worsen. 

The pipeline, the largest in US, is responsible for transporting more than 100 million gallons of fuel – 2.5 million barrels – daily through pipelines laid out between Texas and New Jersey. 

Emergency shipments of gasoline and diesel from Texas are already on the way to Atlanta and other southeast cities via trucks.  

Airlines flying out of Philadelphia International Airport are burning through jet-fuel reserves and the airport has enough to last ‘a couple of weeks,’ a spokeswoman said.  

Hartsfield-Jackson Atlanta International Airport, the major hub for Delta Air Lines, said it is looking at other suppliers of fuel but that operations have not been affected.

‘Hartsfield-Jackson and its airline partners are in close communications with fuel suppliers and are taking steps to mitigate any impact the Colonial incident might have,’ a spokeswoman told CNBC. 

‘Currently, ATL is coordinating with additional suppliers to augment the airport’s fuel inventory.’

Delta declined to comment on the pipeline outage.

United said that it is working with airports ‘to understand the impact and our operations are not impacted at this time.’ 

Oil prices fell on Tuesday as fears faded that the outage would continue for weeks ahead.

‘The rally in oil prices was short-lived as the Colonial Pipeline disruption seems it will not have a prolonged impact,’ Edward Moya, senior market analyst at OANDA, said in a Tuesday note. 

DarkSide claimed in a statement posted on the dark web on Monday that their only goal was to ‘make money’ and not cause chaos with their ransomware attack.   

‘We are apolitical, we do not participate in geopolitics,’ the statement read. ‘Our goal is to make money and not creating problems for society.’

‘From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.’

Despite saying they want to avoid chaos, experts have warned that the shutdown of Colonial last Friday could cause extraordinary disruption and result in a spike in gas prices the longer the pipeline remains down. 

The Russian embassy in the US has denied involvement, saying: ‘We categorically reject the baseless fabrications of individual journalists and reiterate that Russia does not conduct ‘malicious’ activity in the virtual space.’ 

Former House Speaker Newt Gingrich on Monday night said Joe Biden should be authorized to ‘order the killings of anybody overseas’ who was found to be behind attacks on America’s infrastructure, describing the cyberhack of the Colonial Pipeline as ‘an act of war’. 

Gingrich said that the United States needed more power to go after those responsible.

‘On the national security part, we ought to pass a law immediately that makes this kind of hacking subject to a death penalty and the law should include a provision that the president, through a judicial process, should be able to order the killings of anybody overseas who is doing this,’ he told Fox News’ Sean Hannity. 

‘It’s an act of war against the United States to do stuff like this.

‘We need to react to it as an act of war, and the American people are going to look at their representatives and their senators and say, if you don’t fix this, your successor will. I won’t put up with it, and I won’t put up with you if you don’t fix it.’

Gingrich said it was pitiful that the US was falling prey to such attacks.

‘We have no idea who they are. We have no idea where they are,’ he said. ‘If we did know who they were, we would have no mechanism to do anything about it.

‘A great country can’t allow people to savage it and have no consequences and wait for the next attack.

‘And yet that literally is where we are.’   

Russian hackers DarkSide claim their ‘goal is to make money not problems’ with the attack on Colonial Pipeline 

The Russian criminal gang known as DarkSide that is behind the attack that shut down Colonial Pipeline on Monday claimed that their only goal is to ‘make money’ and not cause chaos.    

DarkSide, which cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, said in a statement posted on the dark web that their only goal was to ‘make money’ and not create problems for society. 

‘We are apolitical, we do not participate in geopolitics,’ the statement read. ‘Our goal is to make money and not creating problems for society.’

‘From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.’

Despite saying they want to avoid chaos, experts have warned that the shutdown of Colonial last Friday could cause extraordinary disruption and result in a spike in gas prices the longer the pipeline remains down.  

Colonial has said it is aiming to restore its services by the end of the week after being forced to shut down all its pipeline operations to contain the ransomware cyberattack threat.     

Cyber experts have warned the attack has the potential to become a ‘real-world catastrophe’ the longer it stretches out and say it should serve as a wake-up call to companies about the vulnerabilities they face. 

‘This could be the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe,’ Andrew Rubin, CEO and co-founder of cybersecurity firm Illumio told NBC News.

‘It’s an absolute nightmare, and it’s a recurring nightmare. Organizations continue to rely and invest entirely on detection, as if they can stop all breaches from happening. But this approach misses attacks over and over again. Before the next inevitable breach, the president and Congress need to take action on our broken security model.’    

The cyberattack carried out by Russian ransomware hackers that shut down Colonial Pipeline, America’s largest fuel pipeline, has left the operator and the US government scrambling to restart the network to avoid fuel shortages and price hikes 

Sources told Bloomberg News that hackers stole nearly 100 gigabytes of data out of Colonial’s network on Thursday before demanding a ransom. Colonial, which is based in Georgia, has not yet said whether it has paid or is negotiating a ransom with the hackers

Experts are saying that gasoline prices are unlikely to be significantly affected and there will not be a lasting impact if the pipeline is back to normal within five days. If it lasts anywhere between six to 10 days, Wells Fargo analyst Roger Read warned gas prices will continue to spike along the East Coast and spot shortages will start in the Southeast. Anymore than 10 days offline will result in ‘significant fuel shortages’ in the Southeast, according to Wells Fargo.  

The FBI has been tracking the group responsible since at least October and are investigating whether they have ties to the Russian government. 

The cyber gang, which was started eight months ago, is believed to based out of Russia where they are given free rein to target Western countries. 

DarkSide has already boasted that it has been paid millions of dollars in ransom from 80 companies across the US and Europe. 

DarkSide is believed to be based out of Russia and made up of veteran cybercriminals. In a statement (above) following the Colonial attack, the group denied being political and said their only goal was to ‘make money’

President Biden said on Monday that there US intelligence hasn’t found any ties between the attack and the Russian government but said there was evidence DarkSide was based in Russia. 

‘They have some responsibility to deal with this,’ Biden said, adding that he would be meeting with President Putin soon. 

Republicans have since hit out at Biden as they accused him of being weak on Russia. 

Sources told Bloomberg News that hackers stole nearly 100 gigabytes of data out of Colonial’s network on Thursday before demanding a ransom. 

Experts said that the incident should serve as a wake-up call to companies about the vulnerabilities they face.  

Colonial said it immediately hired an outside cybersecurity firm to investigate the nature and scope of the attack and federal agencies have been called in to assist.  

The FBI has already blamed DarkSide for the cyberextortion attack on the pipeline. 

DarkSide is made up of veteran cybercriminals but insists it is not political. Like many others, however, DarkSide seems to spare Russian, Kazakh and Ukrainian-speaking companies, which does suggest a link to Russia.  

Ransomware rackets are now dominated by Russian-speaking cybercriminals who are shielded – and sometimes employed – by Russian intelligence agencies, according to US officials.  

Cyber experts say Russia gives free rein to hackers who target the US and European countries.  

DarkSide has already boasted that it has been paid millions of dollars in ransom from 80 companies across the US and Europe.

The US last month slapped sanctions on Russia for malign activities including state-backed hacking. The Treasury Department said Russian intelligence has enabled ransomware attacks by cultivating and co-opting criminal hackers and giving them safe harbor. 

DarkSide finds vulnerabilities in a network, gains access to administrator accounts and then harvests data from the victim’s server and encrypts it. The software leaves a ransom note text file with demands (pictured above)


The hackers cultivate a Robin Hood image of stealing from corporations and giving a cut to charity. Pictured is a receipt the group claims shows they donate a cut of their ransoms to charity 

Oil futures falls on fading pipeline outage fears 

Oil prices fell on Tuesday on fading fears of a prolonged outage at the largest US fuel pipeline system. 

Brent crude futures dropped 83 cents, or 1.21%, to $67.49 a barrel. West Texas Intermediate (WTI) crude futures fell 84 cents, or 1.29%, to $64.08.

Traders booked at least four tankers to store refined oil products off the U.S. Gulf Coast refining hub after a cyber attack that knocked out the pipeline, shipping data showed on Tuesday.

The US gasoline futures contract and U.S. heating oil futures, which rose after the outage, retreated to pre-Friday levels on the prospect of the restart.

‘I believe the pressure we are currently seeing will be temporary,’ said Tamas Varga of PVM Oil Associates.

‘OPEC has just upped its projection for its oil… implying healthy demand growth in the second half of the year because mobility restrictions are being lifted all over the world and hopefully India… and because fears of slight inflation should make commodities, including oil, a perfect tool to hedge.’

DarkSide, which cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, said in a statement posted on the dark web that their only goal was to ‘make money’ and not create problems for society. 

‘We are apolitical, we do not participate in geopolitics,’ the statement read. ‘Our goal is to make money and not creating problems for society.’

‘From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.’ 

Colonial, which is based in Atlanta, Georgia, has not yet said whether it has paid or is negotiating a ransom with the hackers.  

Despite only emerging in August last year, DarkSide appears to be very organized, according to cybersecurity experts. 

Those who have tracked DarkSide said it appears to be composed of veteran cybercriminals who are focused on squeezing out as much money as they can from their targets.  

‘They’re very new but they’re very organized,’ Lior Div, the chief executive of Boston-based security firm Cybereason, said. ‘It looks like someone who’s been there, done that.’

DarkSide is one of a number of increasingly professionalized groups of digital extortionists, with a mailing list, a press center and a victim hotline to help facilitate ransom payments. 

Experts say DarkSide was likely composed of ransomware veterans and that it came out of nowhere in the middle of last year and immediately unleashed a digital crimewave.

‘It’s as if someone turned on the switch,’ said Div, who noted that more than 10 of his company’s customers have fought off break-in attempts from the group in the past few months.     

DarkSide’s site on the dark web hints at their hackers’ past crimes with claims they previously made millions from extortion and that just because their software was new ‘that does not mean that we have no experience and we came from nowhere’.

The site also features a Hall of Shame-style gallery of leaked data from victims who haven’t paid up.

It advertises stolen documents from more than 80 companies across the US and Europe.

One of the more recent victims featured on its list was Georgia-based rugmaker Dixie Group Inc, which publicly disclosed a digital shakedown attempt affecting ‘portions of its information technology systems’ last month. 

DarkSide has previously targeted Enterprise rental cars, Canadian real estate firm Brookfield Residential and an Office Depot subsidiary called CompuCom. 

The group has a supposed code of conduct intended to spin the group as reliable, if ruthless, business partners. 

They have publicly stated that they prefer not to attack hospitals, schools, non-profits, and governments. 

They instead go after big organizations that can afford to pay large ransoms and claims to donates a portion of its take to charity. 

‘Before any attack, we carefully analyze your accountancy and determine how much you can pay based on your net income,’ the group has previously said.  

The group has posted receipts from donations it claims it has made to US charities in the wake of ransom attacks.  

According to data security firm Arete, DarkSide finds vulnerabilities in a network, gains access to administrator accounts and then harvests data from the victim’s server and encrypts it.

The software leaves a ransom note text file with demands.  

Ransoms average more than $6.5 million and the attacks lead to an average of five days of downtime for the business. 

Sometimes stolen data is more valuable to ransomware criminals than the leverage they gain by crippling a network because some victims are loath to see sensitive information of theirs dumped online. 

Ransom software works by encrypting victims’ data and typically hackers will then offer the victim a key in return for cryptocurrency payments that can run into the hundreds of thousands or even millions of dollars. 

If the victim resists, hackers threaten to leak confidential data in a bid to pile on the pressure. 

According to some experts, DarkSide’s code is standard ransomware but Div said that what does set them apart is the intelligence work they carry out against their targets beforehand.  

Typically ‘they know who is the manager, they know who they’re speaking with, they know where the money is, they know who is the decision maker,’ Div said.

In that respect, Div said that the targeting of Colonial Pipeline, with its potentially massive knock-on consequences for Americans up and down the Eastern seaboard – may have been a miscalculation.

‘It’s not good for business for them when the US government becomes involved, when the FBI becomes involved,’ he said. 

‘It’s the last thing they need.’

The FBI released a statement on Monday, saying: ‘The FBI confirms that the Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation.’ 

Source: Read Full Article