Technical Hacking - Ransomware Attack

On May 7, 2021, the Colonial Pipeline, one of the major refined product pipelines that transport jet fuel, gasoline, and diesel from the US Gulf Coast to the US East Coast and originates in Houston, Texas, was hit by a ransomware attack. Ransomware is a type of malicious program (malware) that encrypts data or a computer system and threatens to release or block access to it until the person pays a ransom fee to the attacker, which impacted computerized equipment managing the pipeline. Furthermore, this attack has resulted in the pipeline's digital system shutting down for several days, affecting consumers and airlines all along the east coast. Besides that, since the pipeline transports oil from refineries to industrial markets, the hack was classified as a national security risk. In addition, The Colonial Pipeline hackers were identified as members of the DarkSide group. Attackers make a ransom demand as part of a ransomware attack, which is how they reveal themselves. They won't get paid if they don't ask for the ransom, and getting paid is what ransomware is all about. To add to that, On May 7, the DarkSide attackers demanded a ransom of 75 bitcoin, which was worth approximately $4. 4 million. Joseph Blount CEO of Colonial Pipeline stated that he paid the ransom because it was unclear how widely spread the invasion was or how long it would take to improve the condition. Unauthorized or previously unknown data extraction, unidentified or out-of-place file encryption, or any unusual changes to files, file names, or locations are all signs of a ransomware attack. However, if your computer has been infected with ransomware, disconnect it from the network by turning off WiFi, conduct an online search on a different device to determine the type of ransomware and look for information on your hijacked computer screen, take a backup photo, and, most importantly, report the crime so that law enforcement and investigators can try to track down the perpetrators and prevent future attacks. There are several techniques to protect ourselves against ransomware attacks, some of them, maintaining up-to-date anti-virus software and checking every software obtained from the internet before executing it,  enabling multi-factor authentication, downloading ransomware protection, and access control.