Russia Denies Involvement in Darkside Attack on Colonial Pipeline

A warning sign is posted along the path of the Colonial Pipeline in Garnet Valley, Pa., on Monday. Russia has denied any involvement in the cyberattack on the pipeline.(MATT ROURKE/AP)

Russia on Tuesday denied any involvement in the cyberattack that crippled an American pipeline responsible for almost half of the East Coast's fuel supply and lamented that the U.S. doesn't cooperate more with Moscow on countering devastating threats.

"Russia has nothing to do with these hacker attacks, and had nothing to do with the previous hacker attacks," Dmitry Peskov, a spokesman for Russian President Vladimir Putin, told reporters Tuesday morning. "We categorically do not accept any accusations against us."

Peskov's comments follow growing speculation in the U.S. that Russia at least tacitly approved – if not orchestrated – the ransomware attack over the weekend on the Colonial Pipeline, which serves 50 million Americans, according to some estimates. As of Tuesday morning, the pipeline was still largely offline with a goal of substantially resuming operations by week's end. The Kremlin's explanation also comes a month after the Biden administration enacted sanctions and other punishments against Russia for what U.S. intelligence believes is its involvement in a widespread hack on federal servers identified last year.

The FBI in a two-sentence statement on Monday confirmed the most recent attack was carried out by a group known as Darkside, believed to be based in Eastern Europe. It was still investigating the origins and effects of the attack.

The incident represents "the most significant publicly known cyberattack on the U.S. energy sector," according to an analysis note from private intelligence firm Stratfor early Tuesday, "and exposes the vulnerability of U.S. critical infrastructure and U.S. companies to ransomware attacks, attacks the U.S. government is increasingly trying to combat." It noted such attacks have increased 485% from 2019 to 2020.

President Joe Biden said the U.S. as of Monday did not yet have evidence the attack was state-sponsored or that Russia was involved, but he added, "There is evidence that the actors, ransomware, is in Russia."

"I'm going to be meeting with President Putin," Biden added, referencing his overtures to the Russian leader following his punitive measures for the hack on government computers known as SolarWinds. "They have some responsibility to deal with this."

Russia on Tuesday attributed the attack at least partially to America's refusal to cooperate with Moscow on matters of shared security concern, including potential cyberattacks.

"We can still only regret that the United States refuses any cooperation with us in countering cyber threats. We believe that such cooperation is both international and bilateral," Peskov told reporters, according to a translation of his remarks. "[It] could really help in the common fight against this evil, with cybercrimes."

White House spokeswoman Jen Psaki said in a statement late Monday that the government was monitoring ongoing fuel shortages as a result of the shutdown – while analysts believe gas prices will increase in the near future – but she did not comment on the perpetrators of the attack.

However, others in government and close allies of the Biden administration have been full-throated in recent days about who is to blame.

"This is supposedly a criminal gang. But I'm not sure how you distinguish that from whether or not they have some connection to the Russian government," Sen. Angus King, Maine independent, said on CNN late Monday.

King and others in Congress have frequently raised alarm during congressional hearings about the vulnerabilities to America's fuel networks, power grid and other forms of ubiquitous infrastructure. The senator, co-chairman of the Cyberspace Solarium Commission, described to CNN this latest attack as "the longest wind-up for a punch in the history of the world."

"We keep getting these wake-up calls, and we're not waking up," he said. "This is a new kind of conflict, where it's not battleships and airplanes and armies. It's the private sector infrastructure that's at risk. Eighty-five percent of the target space in cyberspace is in the private sector. And that's what we saw this weekend."

"The sad truth is cyber is cheap. Putin can hire 8,000 hackers for the price of one jet airplane. So, what they're doing, they're going to keep doing now. … We can quit being a cheap date. We can start responding. We can start imposing costs. And actually, the Biden administration, about a month ago, did impose some serious sanctions on Russia for the SolarWinds attack last year. But we've got to up that game," King said.

Others in Congress believe Biden should be doing more to deter foreign adversaries and protect the U.S. against the likelihood of similar attacks in the near future.

"The Department of Energy is responsible for responding to this attack, yet the administration still has not even put forward a nominee to lead CESER, its cybersecurity office," Sen. Jim Risch said in a statement, referring to the federal Office of Cybersecurity, Energy Security and Emergency Response. The Idaho Republican has introduced legislation with King to strengthen protections against the U.S. electrical grid. "We need to prioritize hardening our cyber defenses and creating a comprehensive U.S. cybersecurity strategy. That begins with stepping up and filling the vacant assistant secretary role at CESER without delay."

Link: https://www.usnews.com/news/world-report/articles/2021-05-11/russia-denies-involvement-in-darkside-attack-on-colonial-pipeline