DarkSide Ransomware Attack

    0
    285

    In News

    Recently, the Federal Bureau of Investigation( FBI) officially confirmed that DarkSide was responsible for compromising Colonial Pipeline’s networks.

    DarkSide Group

    • DarkSide is an Eastern Europe-based cybercriminal hacking group that targets victims using ransomware and extortion
    • The group has claimed that it is apolitical and is only concerned about making money and has claimed that it also donates some of its proceeds to charities.
    • The DarkSide group appeared to have a code of conduct that prohibits attacks against hospitals, hospices, schools, universities, non-profit organizations, and government agencies.

    About 

    • Recently, the Colonial Pipeline (the operator of one of the largest fuel pipelines in the USA) announced that it had been hit with a ransomware attack, in which criminal groups lock up computer systems and hold data hostage until the victim pays a ransom. 
      • In response, the company protectively shut down its pipeline.
        • The pipeline carries 2.5 million barrels a day – 45% of the East Coast’s supply of diesel, petrol and jet fuel.
    • The company has reportedly paid a ransom amount of $5 million in Bitcoin to retrieve its files. 

                                                                    Image Courtesy: BBC

    Impact On Oil Prices

    • Oil prices rose in response to the attack on Colonial Pipeline with the price of Brent crude rising to $69 per barrel. 
      • The temporary shortage also led to an increase in pump prices in the US with the average national price of petrol rising to over $3.0 per gallon, the highest level since 2014.
    • The disruption led to a gas shortage across the east coast with customers facing long lines to purchase fuel and many pumps running out of petrol and diesel as panic buying led to customers purchasing larger quantities of fuel
    • Crude oil prices have risen despite a surge in Covid-19 infections in Asia due to expectations of increasing crude oil demand from the US and Europe leading to further upward pressure on auto fuel prices.

    Impact on India:

    • India, the world’s third-biggest oil importer and consumer 
      • Rising oil prices are posing fiscal challenges for India, where heavily-taxed retail fuel prices have touched record highs in some parts of the country.
      • The increase in oil prices will increase the country’s import bill, and further, disturb its current account deficit (excess of imports of goods and services over exports).

    Measures Need To Be Taken

    • There is a need to move towards fortifying approaches to prevent attacks including employing a zero-trust security framework in enterprise networks.
      • A zero-trust approach means anything is suspected whenever any activity is done on the network, and every user, including the CEO, will have to be verified time and again.
    • Other measures such as Cloud Access Security Brokers (CPAB), which act as intermediaries between users and cloud service providers, could “give teeth” to an overall cybersecurity strategy.
    • India’s oil and gas PSUs were making efforts to beef up security, and that organisations managing critical infrastructures such as pipelines and refineries were required by the government to implement certain security measures.

    Ransomware Attack

    • A ransomware attack is a cyberattack using malware that encrypts the victim’s files and requires users to pay a ransom to decrypt the files. 
    • It is often designed to spread across a network and target database and file servers, and can thus quickly paralyze an entire organization. 
      • It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses and governmental organizations.

                                               Image Courtesy: Research gate 

     

    How to Defend Against Ransomware?

    • Back up your data. The best way to avoid the threat of being locked out of your critical files is to ensure that you always have backup copies of them, preferably in the cloud and on an external hard drive.
    • Secure your backups. Make sure your backup data is not accessible for modification or deletion from the systems where the data resides. 
      • Ransomware will look for data backups and encrypt or delete them so they cannot be recovered, so use backup systems that do not allow direct access to backup files.
    • Use security software and keep it up to date. Make sure all your computers and devices are protected with comprehensive security software and keep all your software up to date
    • Practice safe surfing. Be careful where you click. Don’t respond to emails and text messages from people you don’t know, and only download applications from trusted sources. 
      • This is important since malware authors often use social engineering to try to get you to install dangerous files.
    • Only use secure networks. Avoid using public Wi-Fi networks, since many of them are not secure, and cybercriminals can snoop on your internet usage.
    • Implement a security awareness program. Provide regular security awareness training for every member of your organization so they can avoid phishing and other social engineering attacks. Conduct regular drills and tests to be sure that training is being observed.

    Safeguards Available In India Against Cyber Threats 

    • Information Technology Act, 2000 (Amended in 2008): It is the main law for dealing with cybercrime and digital commerce in India.
      • National Critical Information Infrastructure Protection Centre (NCIIPC) was created under Section 70A of IT Act 2000 to protect Cyberinfrastructure.
    • CERT-In (Cyber Emergency Response Team, India): It is National Nodal Agency for Cyber Security and is Operational since 2004
    • National Cyber Security Policy, 2013: The policy provides the vision and strategic direction to protect the national cyberspace.
    • Cyber Swachhta Kendra: Cyber Swachhta Kendra helps users to analyse and keep their systems free of various viruses, bots/ malware, Trojans, etc.
    • Indian Cyber Crime Coordination Centre (I4C): Launched in 2018, It is an apex coordination centre to deal with cybercrimes.
    • Cyber Surakshit Bharat: It was launched by the Ministry of Electronics and Information Technology (MEITy) in 2018 with the aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
    • The Cyber Warrior Police Force: It was organised on the lines of the Central Armed Police Force in 2018.

    Source: IE