Colonial Pipeline said to have no plan to pay hackers ransom
Source: Washington Post
Colonial Pipeline has no plan at this point to pay a ransom to decrypt data files, said two people familiar with the matter. Rather, they are working with the cybersecurity firm Mandiant to restore the data from backup systems where possible and rebuild systems where backups are unavailable, said the people, who spoke on the condition of anonymity because the matter is still under investigation.
Colonial had no comment. A spokeswoman for Mandiant, which is a division of the cyber firm FireEye, also declined to comment.
The hackers, a criminal group thought to operate mostly out of Russia, also appeared to be readying to extort Colonial by stealing data that it could later threaten to release unless a fee were paid. But Mandiant quickly traced the stolen data to a server owned by a New York hosting firm, which over the weekend shut the server down, preventing any data from flowing to the hackers, according to several people familiar with the matter.
With that extortion avenue sealed off and with Mandiant helping to restore data and rebuild systems, there's no reason to make the payment, one of the people said. DarkSide ransom demands can range from $500,000 to more than $5 million, according to Mandiant.
Read more: https://www.washingtonpost.com/business/2021/05/12/gas-shortage-colonial-pipeline-live-updates/#link-NFBKS44NJRCGDNDBIMOLJJMK2Q
OhZone
(3,212 posts)
make more frequent backups in the future, at the very least.
As we all do.
Hugh_Lebowski
(33,643 posts)
country as the operation of this pipeline is.
Honestly something like this should've taken a few hours at most to fix if their IT folks were doing their job right.
BComplex
(8,049 posts)
daughter because we wouldn't be able to buy gas on the route. Everyone is in long lines at every station that has gas...until that station runs out, too. Word gets around quickly when there's a station that has gas.
It's like the toilet paper mess...folks are filling up their gas cans and milk jugs.
Hugh_Lebowski
(33,643 posts)
The large majority of citizens pump it into their gas tanks and that's it, they don't really know how to handle it.
And there's a reason there's laws about only pumping it into licensed containers.
BComplex
(8,049 posts)
There will be a lot of people hurt by this selfishness and insanity.
iluvtennis
(19,852 posts)
lilymidnite
(358 posts)
Idiots. Why weren't they at the *very* least taking backups, say, hourly. And, real-time replication technology is not that expensive.
It takes skill to set up, but is bulletproof, encryptable.
My job as a database administrator was (I just retired) to keep this stuff from happening. I had hourly encrypted backups to tape, nightly full backups, real-time replication to 5 systems, dataguard (another replication) to 3 systems in 3 cities. And I was a single DBA shop. The sysadmin and I could've had this back up and running in 90 minutes.
OhZone
(3,212 posts)
I have coworkers who do stuff like that.
And I know of mainframes where everything is mirrored and audited so if one side fails the other side picks things up.
I know some mainframes use their own special OS too, right?
So windows compatible encrypting software wouldn't work.
jmowreader
(50,557 posts)
I LOVE big iron! Especially big iron running proprietary OS like VM. Not super happy that the new IBM Z/Systems are running Linux.
Among my millions of jobs in Berlin was being sysop on a Navy mainframe running Aegis Tactical Executive Program. We did our backups very simply: once every three days we dropped all the users off the system and did a complete copy of each disc pack to another disc pack. There were two disc packs in the system and we had three working drives, so the drill was to copy the system pack to another system pack, the text pack to another text pack, mount the new copies (so we knew they worked) and put the old ones on a shelf.
If this backup scheme would have been operative at Colonial Pipeline, they could have had the whole system back in operation in an hour - the length of time it would have taken to shut down, pull the old hard drives, install ones from Staples where the infected ones were, and restore from backups. IT these days makes me cringe...people are not backing up and eventually they're gonna get fucked.
Miguelito Loveless
(4,465 posts)
that takes skilled people to run and maintain. They do not want to pay for the people.
Hugh_Lebowski
(33,643 posts)
and we have an Ops guy that handles a lot of the DBA stuff.
Just saying Hi
Also, replication doesn't help if someone f***s up your data ... you just have copies of wrong stuff
Backups though ... helps for sure. But the data they've encrypted was likely regular files as opposed to db data tables, right?
ZZenith
(4,122 posts)
Kabuki vibe abounds.
Hugh_Lebowski
(33,643 posts)
Or ... what you're saying.
ZZenith
(4,122 posts)
IT crew, but as Malaise adroitly pointed out earlier, gas shortages are a time-tested method of manipulating a population.
Desperate men employing desperate measures as their empires crumble around them.
Hugh_Lebowski
(33,643 posts)
Miguelito Loveless
(4,465 posts)
creating a false shortage is a very short term gain, and seriously makes the case against oil long term. I drive an EV and am not the least bit inconvenienced by this. More people are going to realize this just as many Californians are realizing that solar with a battery backup means never losing power.
mahatmakanejeeves
(57,425 posts)
Last edited Wed May 12, 2021, 06:31 PM - Edit history (4)
Sure, of course not. I mean, as long as you don't eat food:
Source: https://fleetnewsdaily.com/truck-driver-shortage-fuel-rising-grocery-store-prices/
Or live in an economy that depends on the delivery of commodities in bulk:
[Embedded video: "Big Loaded CSX Grain Train"]
Grain train G801 goes east with three locos and 91 cars.
Seen 4/20/18 in Gaithersburg, MD.
The lead unit, 811, runs on diesel. So do the next two. The cars are grain cars. Loaded, they carry 110 tons each; the smaller ones, 100 tons each.
Count the cars. If they were loaded, how many tons of grain would that be? It could be soybeans, it could be corn; I don't know. It gets turned into bread, it gets turned into cooking oil; beats me.
Or depend on the ability of people to travel from one place to another.
[Embedded video: "GRAVELLY POINT (HD) Watching Airplanes - Gravelly Point Plane Spotting - Washington National Airport KDCA/DCA"]
When the members of the air crew lay over between flights, how do they get from the airport to their lodgings?
[Embedded video: "Vegas Airport Transportation Tips"]
When I was in Vegas, I stayed at a place where the air crews stayed, so I can personally attest that this is how they are transported.
When your electric car needs repair or new parts or new tires, how are those parts getting to the repair facility?
The power line workers who maintain the transmission lines that deliver the electricity to your abode: how do they get to those lines?
[Embedded video: "hinstalling marker ball 2012"]
Installing aerial markers in West Virginia
Or maybe they're working from one of those boring old bucket trucks:
Source: https://www.tdworld.com/electric-utility-operations/article/20966170/take-a-look-inside-a-linemans-bucket-truck
I'm lucky I can find the power switch on my work-issue laptop. That's as much IT as I know, so I am unable to deliver my expertise on what I would have done.
But I do know this:
Yes, this affects you.
Miguelito Loveless
(4,465 posts)
or believed myself immune from it, but was in the context of my remark that if oil interests were involved in creating a fake shortage as one poster was postulating, it would return short-term gains, but utterly destroy their business long term by showing people how vulnerable they are to this type of thing.
I started driving electric in 2014 with a used 2012 Leaf. During that time there have been about 4 supply disruptions in my area due to pipeline failures and storms. After each one, at least one friend or co-worker has switched to EV/solar to escape gasoline/power disruption. In the last few days I have been peppered with questions about my EV. Every time something like this happens, more people switch. The drops become a trickle, and trickles become streams, then rivers.
The pandemic has taught people to stock up on food because we can't rely on a government run by the incompetent. At the moment my pantry can get me through 6-8 weeks, but I am set for water, power and transport indefinitely. The more people who realize how vulnerable we are because of oil, the faster the transition will speed up.
Response to Miguelito Loveless (Reply #24)
mahatmakanejeeves This message was self-deleted by its author.
GregariousGroundhog
(7,521 posts)
Even with decent IT staff, disaster recovery plans are rarely effective unless they are practiced on a somewhat regular basis. DR plans don't get practiced and refined unless management allocates the necessary resources to make it happen.
Hugh_Lebowski
(33,643 posts)
miyazaki
(2,240 posts)
never bothered to test the station's half million dollar backup generator twice a year as prescribed.
Of course power was lost in a major storm, the generator never kicked in like it was supposed to,
and hilarity ensued as the assistant engineer was jumping the backup storage batteries to maintain our on air capability with a work truck, while the incompetent fuck chief engineer was hiding from the GM in a utility closet.
soothsayer
(38,601 posts)
hlthe2b
(102,236 posts)
CrispyQ
(36,461 posts)
People bought a load of shit when they signed on to the GOP's "private companies can do it better & cheaper." They might do it cheaper so the officers & board can suck off more profit, but better? No guarantee of that.
reACTIONary
(5,770 posts)
... does "critical systems" any better? I don't.
spike jones
(1,678 posts)
marie999
(3,334 posts)
Every night before running the nightly updates and reports I ran a backup of all the files. I worked for three different companies over a period of 20 years. They all ran backups every night.
Skittles
(153,159 posts)
backups constantly in progress for all accounts, what the heck happened here
Dave Starsky
(5,914 posts)
I seem to recall that none of the Galactica's mission-critical systems were networked, explicitly to avoid similar fuckery by Cylons or other similar cybervarmints.
There's always an opportunity to learn from science fiction.
rictofen
(236 posts)
Sapient Donkey
(1,568 posts)
Rocknation
(44,576 posts)
Last edited Mon Oct 4, 2021, 12:25 PM - Edit history (14)
I suspected that this was what was going on when I read that they expected to be back online no later than late next week.
There's no need to pay a ransom if you've taken the precaution of uploading an automatically updated and encrypted copy of your data and files to a different sever. I've done it myself when my daily blog outgrew the Web hosts I was using. I receive a copy of the blog's database every 24 hours, and back up its physical files offline as well as online!
Rocknation
OhZone
(3,212 posts)
(we haven't carpooled in ages for a number of reasons including the pandemic)
reminded me of the things that secure his mainframe.
A proprietary OS.
Multi-factor authentication for the firewalls that prevent you from even logging in.
Special security once you log in that prevents most from updating system files.
Some kind of transaction monitoring thing (I forgot what he called it) that backs out incomplete and suspicious transactions.
Nightly backups.
Also, did I mention the proprietary non-windows, non-linux OS?
Yo_Mama_Been_Loggin
(107,956 posts)
That's why this malware is often called a Trojan Horse.
You can prevent a lot of people from logging into your system but that won't matter if you're not careful of what you're downloading.
However, even a legitimate download might be infected. Remember the SolarWinds hack? I'm sure a lot of people using their software downloaded what they thought was an update.
OhZone
(3,212 posts)
that there is no easily available common software for my friend's boxes. It's not windows, linux, or apple.
And you would specifically have to log on through various hurdles, and upload the program and try to run it, when the mainframe security would just say, no. ha
One's email does not run through a mainframe, right?
Yo_Mama_Been_Loggin
(107,956 posts)
Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country's largest fuel pipeline, according to two people familiar with the transaction.
The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the East Coast, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company's efforts said.
A representative from Colonial declined to comment, as did a spokesperson for the National Security Council.
https://www.msn.com/en-us/news/us/colonial-pipeline-paid-hackers-nearly-dollar5-million-in-ransom-sources-say/ar-BB1gHobz
BumRushDaShow
(128,905 posts)
I know they were being pummeled to get that pipeline up and running by the end of the week, come hell or high water. The ones impacted the most are largely "red" and "red-turning-purple" states.
And as a note, when these articles talk about the "major cities along the east coast" the ones they seem to want to talk about are not up here in Philly and north. It appears that those north of VA generally have other pipelines that provide similar fuel and hell, just outside of Philly, we have huge refineries that I expect feed into the system (although over the years some of them have closed down). They should say "cities along the SOUTHeast coast".
This is who is getting impacted at the moment (not counting the airlines as I believe kerosene flows in some of those pipes) -
Anyway (I know that was a bit much) - thanks for that update!!!!
OhZone
(3,212 posts)
BumRushDaShow
(128,905 posts)
(sorry, been wanting to do this ^^^ to you)
OhZone
(3,212 posts)
Bennie speak.
I'll put a hole in your ozone!
Ha!
BumRushDaShow
(128,905 posts)
the Philly jawn right heeyah!
OhZone
(3,212 posts)
not a Benny.
I'm from the Central Jersey shore not South Jersey.
We get more Bennies than Shoobies.
BumRushDaShow
(128,905 posts)
Don't hear much about Central Jersey except for what's happening in Trenton or Princeton.
We cover the South Jersey market (but also Trenton. Because. State Capital. And. Governor.) Hell, I hear more on the news here about Murphy than my own damn governor Tom Wolf.
OhZone
(3,212 posts)
I'm on the shore - Central Jersey EAST near Seaside and Island Beach.
It's actually kinda hard for me to get to Princeton and Trenton - and I'm so sorry to hear you have to hear about our politics. Most of Jersey doesn't like Trenton either. Ha.
Most of the main roads here are north-south-centric unless you want to go between AC and Philly. (Atlantic City Expressway)
The road I take to Princeton and Trenton and Philly is two lanes for most of it, and it has - CIRCLES! OHNOES! (It's even a little bit of a pain to get a lot of places in NJ, since it's such a mix of rural areas, suburbs, wildlife areas, shore towns, and congested areas up north)
Road to Princeton/Philly 1 lane either way -
Road to NY - multiple lanes either way -
But I did venture there to get to that Princeton record store when I was a teen. I used to love that place.
Is Jawn a recent slang? I don't remember it from my trips to Philly and South Street and Tower Records and Zipper head.
Or even more recently when I did my Rocky impression. ha
BumRushDaShow
(128,905 posts)
In other words, "what exit off the Turnpike(s) - NJ or Garden State?".
I have been up and down and across to and fro, and diagonally hither and yon, far too many times in New Jersey. I have an aunt and cousins and a niece living in Jersey (all in North Jersey though). My parents used to own a plot of land in N. Cape May but my mom sold it back in the '70s.
And yeah, the Jersey jughandles are awful.
But as a sidenote, I am glad they FINALLY fixed the "I-95 problem" and New Jersey. I.e., you would think that if you stayed on I-95 through Philly, you'd eventually go across some bridge and continue straight along "I-95" on the other side of the bridge in Jersey (the NJ Turnpike)... But NOOOOooooooo. You suddenly realize, previously unbeknownst to you, that the highway you were on had magically changed to I-295 (with no signs) and you would be heading over the Scudder-Falls bridge, finally confirming that you were on "I-295" and not "I-95" once you are on the Jersey side.
The re-signing has now been completed.
"Jawn" seems to be something that was suddenly "discovered" and "commercialized" recently, but it was slang that I remember using back in high school in the '70s. It was sortof a placeholder noun for "a thing" (e.g., "Yo, gimme that jawn.." ) or as a slang adjective for something that is really fantastic/incredible (e.g., "That party was the jawn" ). I think they have said it was a variation of the slang word "joint" (i.e. "That movie was the joint!" ) and I remember using that term too for the same reasons.
I miss miss miss Tower Records! It was one of the few places in the area that sold laserdisc movies!
OhZone
(3,212 posts)
Funny how I missed "jawn."
Anyway, Yeah, it's "what's your Exit off the Garden State Parkway" for me.
Where I am there is no easy access to diagonal roads like the Turnpike and the AC expressway. It's North/South GSP OR slow roads everywhere else.
Yeah NJ signage is not great. Like my brother in Brick complains, there is a sign on one of his fav roads - to go to the parkway, labeled "Parkway North." So you think it's ONLY for the north, but there is a Parkway South exit just past it. Why not say that both directions are coming up?!
He says he wants to take a sharpie to it. ha!
Also, Princeton records appears to still be open for business! OHYEAH!
BumRushDaShow
(128,905 posts)
OhZone
(3,212 posts)
It can get wild.
Also the left lane hogs are often Bennies from NY.
Terrible drivers.
Rocknation
(44,576 posts)
Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country's largest fuel pipeline, according to two people familiar with the transaction...
Well, it would be the perfect "excuse" for Colonial to keep their gas prices inflated...
rocktivity