Friday, 14 May 2021 08:53

Did Colonial pay a ransom, as Bloomberg claims? Or is it another tall tale? Featured

0
Shares
By
Pixabay

ANALYSIS Claims that the Colonial Pipeline Company paid US$5 million as a ransom to the group behind the DarkSide Windows ransomware after it was attacked on 7 May need to be taken with a pinch of salt, seeing as the report was an "exclusive" from Bloomberg.

Among the three authors of the news agency's report was Michael Riley, one of the authors of the infamous "grain of rice" yarn that claimed an additional chip had been planted on the motherboards of servers made by US firm Super Micro Computer in order to effect a supply chain attack.

Riley, along with William Turton and Jennifer Jacobs, claimed that the payment of nearly US$5 million contradicted earlier reports — made, among others, by Reuters — that Colonial would not pay a ransom in order to obtain a decryptor.

According to the Bloomberg version, the ransom was paid, as usual in cryptocurrency, "within hours after the attack" which would place the transaction as having taken place last week.

Riley revived the Super Micro tale this year, along with his partner Jordan Robertson, this time claiming that the tampering was done in servers supplied mainly to the US Government, In the 2018 story, the pair had claimed that the fiddling had been carried out on servers supplied to Amazon and Apple.

Only one detail of the Bloomberg story about the Colonial ransom can be verified: the claim that the company had to use its own back-ups for restoration, rather than depend on the supplied decryptor, as the latter was much slower.

This is backed up by Emsisoft, a New Zealand-headquartered ransomware specialist, which wrote in a blog post earlier this year: "According to our performance tests, DarkSide’s decryption tool decrypts files at an average of 231.40MB per second.

"In comparison, Emsisoft’s universal decryptor tool decrypts DarkSide-encrypted files at an average of 608.70MB per second. For context, decrypting 1 TB of encrypted files would take about 72 minutes with DarkSide’s decryptor and approximately 27 minutes with Emsisoft's decryption tool."

Going by its own comments, the gang behind DarkSide appeared to be somewhat taken aback when they realised the company that their affiliates had attecked. 


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Published in Security
Tagged under
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Latest from Sam Varghese

Related items

Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top