- DarkSide is one of the suspects being investigated for hacking Colonial Pipeline.
- The ransomware gang said Monday the attack was just for money and not political.
- The company's main pipeline remains shut down, but some smaller arterial lines are operating.
- See more stories on Insider's business page.
The ransomware gang that may have shut down a major US oil pipeline Friday said the attack was just for money and not about politics.
The hacking group known as DarkSide released a statement Monday saying: "Our goal is to make money, and not creating problems for society," CNBC reported citing Cybereason. The group did not specifically mention the Colonial Pipeline disruption.
-DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) May 10, 2021
DarkSide is one of the prime suspects potentially behind the hacking of the Colonial Pipeline, the largest US refined fuel pipeline operator. The company's main pipeline runs from Houston, Texas, to New York and carries more than 100 million gallons of gasoline, diesel, jet fuel, and home heating oil every day, transporting about 45% of the East Coast's fuel.
Colonial shut the line down Friday after realizing it was "the victim of a cybersecurity attack" in order to contain the threat, it said in a statement. Oil futures rose following the incident, potentially triggering higher gas prices for Americans if not rectified soon.
Reuters reported that the group, though new, is likely made up of veteran cybercriminals focused on extortion, or getting money from their targets. The group reportedly has a code of conduct explaining which groups, such as schools, hospitals, and hospices, that it will not target "based on its principles," Bleeping Computer reported.
The group did not say how much money it is seeking. Despite claiming to be apolitical with no specific country ties, some experts say DarkSide could have Russian ties, NBC News reported.
As of right now, there's no timeline for when operations will resume, Colonial said.
"While our mainlines (Lines 1, 2, 3 and 4) remain offline, some smaller lateral lines between terminals and delivery points are now operational. We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations," the company said Sunday night.
President Joe Biden has since issued a regional emergency order and approved legislation from the US Department of Transportation that would provide a temporary hours-of-service exemption for workers transporting fuel. That means truckers can drive longer hours if transporting certain materials in specific states without being subject to usual limits.
In April, Biden launched an initiative to ramp up cybersecurity for the US power grid, as experts have long warned critical parts of the nation's infrastructure may be vulnerable to attack.