In May 2021, one of the largest refined fuel pipelines in the United States, the Colonial Pipeline, experienced a cyberattack that shut down fuel delivery from the Gulf Coast to the East Coast. The U.S. government, including CISA at the Department of Homeland Security and the FBI, strongly recommended against paying the ransom demanded by the hackers. Concerned about operational safety and getting the pipeline back up and running, the company decided to pay the ransom. The group responsible is known as the Darkside group.
Resource Type: Case Study
Case Study: Washington, D.C. Cyberattack
In April 2021, hackers broke into the Washington, D.C. Metropolitan Police Department (MPD) computers, locked up the files, and demanded $4 million in ransom. The group responsible is known as Babuk. They started leaking data just before the MPD confirmed it had suffered an attack. The leaks included financial and marriage histories of officers, Social Security numbers, and other confidential information. Babuk claims they were offered $100,000, but the police department has not confirmed whether it agreed to pay any ransom.
Case Study: The Oldsmar Attack
On February 5, 2021, a water treatment plant employee in Oldsmar, Florida noticed his mouse cursor moving strangely on his computer screen. At first, he thought it was nothing because the plant uses remote-access software. Later, the mouse moved again to adjust the allowable level of sodium hydroxide (a disinfectant used to clean the water). Although the intrusion lasted only between three and five minutes, it took five and a half hours for the staff to notice the change to dangerous allowable levels. The plant has since disabled its remote-access system. This breach highlights the serious impacts hackers can have on utilities and critical infrastructure, potentially harming thousands of people.