You may have heard some news on something calling “Darkside” Ransomware because of its impact on US fuel prices. I am sharing this briefing in case you receive questions.

What is Darkside and why should you care?

• DarkSide is a new group that started to offer “Ransomware-as-as-Services” at the beginning of August 2020. They have become known for their professional operations and large ransoms. According to the known incidents, the ransom demanded falls in the range of between $200,000 and $2,000,000 (US). A ransomware attack is a demand for money in return for normal systems operations or the non- release of stolen data.
• Darkside has successfully perpetrated an attack on May 7th against Colonial Pipeline, which is the largest artery for refined fuels in the United States. Ordinarily, the pipes carry 2.5m barrels a day, 45% of the east coast’s supply; fuel prices jumped 4% on Sunday.

What is the risk related to Darkside?

• Darkside state they do not attack hospitals, schools, non-profits, and governments, but rather big organizations that can afford to pay large ransoms.
• Darkside leverages a significant amount of tools that are targeted to compromise user accounts or endpoints devices (e.g. computer, laptops, servers).

How to prevent it?

• Computer Squad is now affiliated with Malwarebytes to offer a Cloud-based Endpoint protection service. Malwarebytes + Antivirus is one of the most effective protections for cybersecurity. Click here for more information.