🌞 Good morning! I got sunburnt yesterday, two days after it snowed. Weather is weird and fun right now!

Ransomware shuts oil pipeline

colpipe map 190607 174015

A company responsible for transporting 45% of fuel consumed on the US East Coast has been forced to halt operations since Friday due to a ransomware attack (Reuters).

In brief:

  • The Colonial Pipeline is the largest fuel pipeline in the US, running from Texas through the Gulf Coast to New York Harbor. It carries 2.5 million barrels a day, and the supply of diesel, gasoline, and jet fuel.
  • It went down on Friday, and as of Sunday, the Colonial Pipeline Company said it was still working to develop a restart plan for its pipeline system.
  • The White House is involved, passing an emergency waiver to ease rules around transporting of fuels by road or sea.
  • While oil prices have edged higher, a rush for replacement fuels could develop as sources from Europe and even Asia could be procured, depending on the length of the shutdown.

Who’s involved?

Multiple sources have confirmed that the attack was caused by a cyber-criminal gang called Dark Side, which took 100GB of data hostage. 

The BBC has more detail:

  • Cyber-security firm Digital Shadows says the Colonial attack has come about due to the pandemic – with more engineers remotely accessing control systems for the pipeline from home.
  • James Chappell, co-founder of Digital Shadows, believes DarkSide bought account login details relating to remote desktop software such as TeamViewer and Microsoft Remote Desktop.
  • “We’re seeing a lot of victims now, this is seriously a big problem now,” said Mr Chappell. “The amount of small businesses that are falling victim to this – it’s becoming a big problem for the economy globally.”

The thing James Chappell (perhaps kindly) doesn’t mention is that this is critical infrastructure running Microsoft Windows. And the “hack” is less hack than just paying for logins. 

  • Note that the hack is around the administration, not the services themselves, as far as I understand the detail.

What’s next:

  • Will the ransom just get paid up? We don’t know the demands here, but surely the costs become astronomical once the pipeline continues to remain offline.

Roundup

👉 Samsung Galaxy Chromebook 2 review: Second time’s the charm. No 4K OLED, no problem (Android Authority).

👏 Now Vivo is promising three years of Android updates for upcoming flagships (Android Authority).

👋 Clubhouse beta finally arrives on Android — US-only, for now (Android Authority).

📅 Report: Samsung Galaxy S21 FE, Galaxy Z Fold 3, and Z Flip 3 to launch in August(Android Authority).

🍎 Kuo: Apple-designed 5G modem may debut in iPhones as early as 2023 (MacRumors).

🍏 It’s already possible to hack an AirTag, which may open the door to interesting use cases, and possibly misuse (9to5Mac). Apple brass discussed disclosing 128-million user iPhone hack, then decided not to (Ars Technica).

🚀 After calling Dogecoin a “hustle” on SNL, Elon Musk’s SpaceX is literally launching a Dogecoin-funded satellite to the Moon(The Verge). You can watch all of Musk’s SNL cameos here, though some are geoblocked (CNET).

🚗 Also, Tesla privately admits Elon Musk has been exaggerating about ‘full self-driving’ (The Verge).

🥽 Zuckerberg explains why an Oculus Quest Pro is necessary (Engadget).

📚 New book Press Reset investigates the high human cost of game development (Ars Technica).

🎶 How Sony paved the way for modern music production via Digital Audio Tape in 1987 (Engadget).

📉 Sony warns tight PlayStation 5 supply to extend into next year (Bloomberg).

📦 A giant Amazon review scam ring has been uncovered, with 13M paid reviews found in an open database. Among the brands impacted are Aukey and Mpow, with Amazon reportedly halting sales (SafetyDetectives).

🤔 What if gravity is actually a double copy of other forces? (Wired).

🌟 “You can go back 100,000 years to a cave that will be discovered by archeologists, what do you write on the wall to mess with them?” (r/askreddit).

Monday Meme



Source link