About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

1 1 (May 11, 2021)

handle is hein.crs/govedgp0001 and id is 1 raw text is: A Congressional ____ aResearch Service informirng the legi lie deba e since 1 14 ___________________ Colonial Pipeline: The DarkSide Strikes May 11, 2021 On May 8, 2021, the Colonial Pipeline Company announced that it had halted its pipeline operations due to a ransomware attack, disrupting critical supplies of gasoline and other refined products throughout the East Coast. This attack was similar to an earlier pipeline ransomware attack in 2020, which also resulted in a pipeline shutdown. In 2018, cyberattacks reportedly disrupted the customer communications systems (but not pipeline operations) at four of the nation's largest natural gas pipeline companies. The possibility of lengthy pipeline disruptions was raised in 2019 congressional testimony by then-Director of National Intelligence, who singled out pipelines as critical infrastructure vulnerable to cyberattacks that could cause shutdowns for days to weeks. The Colonial Pipeline cyberattack has elevated concern in Congress about the security of the nation's energy pipelines and government programs to protect critical infrastructure. Ransomware Ransomware is a form of malicious software (malware) that seeks to deny users access to data and information technology (IT) systems by encrypting the files and systems-thus locking out users. Perpetrators usually extort victims for payment, typically in cryptocurrency, to decrypt the system. Recently, such attacks have been coupled with data breaches in which perpetrators also steal data from their ransomware victims. In addition to locking their computer systems, the perpetrators notify victims that they have copies of their data and will release sensitive information unless a ransom is paid, extorting them twice. Colonial Pipeline fell victim to the DarkSide ransomware-as-a-service (RaaS) variant. RaaS is a cybercrime model in which one criminal group develops the ransomware and hosts the infrastructure upon which it operates, then leases that capability to another criminal group to conduct an attack. The Cybersecurity and Infrastructure Security Agency (CISA), the National Institute of Standards and Technology (NIST), and the Federal Bureau of Investigation (FBI) have published guides on addressing ransomware attacks. As a cyberattack, ransomware falls subject to the cyber severity schema prescribed in the National Cyber Incident Response Plan. Unlike SolarWinds, this attack only affected one company, so it did not lead to establishing a Unified Coordination Group under the response plan. Instead, because this incident affects energy supplies, the Department of Energy is leading the federal response with support from other agencies. Congressional Research Service https://crsreports.congress.gov IN11667 CRS INSIGHT Prepared for Members and Committees of Congress

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Already a HeinOnline Subscriber?

Log In

profiles profiles most