You may have heard some news on something calling “Darkside” Ransomware because of its impact on US fuel prices. I am sharing this briefing in case you receive questions.
What is Darkside and why should you care?
- DarkSide is a new group that started to offer “Ransomware-as-as-Services” at the beginning of August 2020. They have become known for their professional operations and large ransoms. According to the known incidents, the ransom demanded falls in the range of between $200,000 and $2,000,000 (US). A ransomware attack is a demand for money in return for normal systems operations or the non- release of stolen data.
- Darkside has successfully perpetrated an attack on May 7th against Colonial Pipeline, which is the largest artery for refined fuels in the United States. Ordinarily, the pipes carry 2.5m barrels a day, 45% of the east coast’s supply; fuel prices jumped 4% on Sunday.
What is the risk related to Darkside?
- Darkside state they do not attack hospitals, schools, non-profits, and governments, but rather big organizations that can afford to pay large ransoms.
- Darkside leverages a significant amount of tools that are targeted to compromise user accounts or endpoints devices (e.g. computer, laptops, servers).
How to prevent it?
- Computer Squad is now affiliated with Malwarebytes to offer a Cloud-based Endpoint protection service. Malwarebytes + Antivirus is one of the most effective protections for cybersecurity. Click here for more information.