Thursday, May 13, 2021

"Chemical distributor pays $4.4 million to DarkSide ransomware"

From Bleeping Computer:

Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data.

Brenntag is a world-leading chemical distribution company headquartered in Germany but with over 17,000 employees worldwide at over 670 sites.

According to the ICS Top 100 Chemical Distributors report, Brenntag is the second largest in sales for North America.

Brenntag confirms cyberattack

At the beginning of May, Brenntag suffered a ransomware attack that targeted their North America division. As part of this attack, the threat actors encrypted devices on the network and stole unencrypted files.

From the information shared with BleepingComputer by an anonymous source, the DarkSide ransomware group claimed to have stolen 150GB of data during their attack.

To prove their claims, the ransomware gang created a private data leak page containing a description of the types of data that were stolen and screenshots of some of the files....


I have a partial answer to the query posed in the intro to yesterday's "Meanwhile, At Colonial Pipeline: Job Opening, Manager Cyber Security":

I would like to know where the FBI, the NSA and the Department of Homeland Security were as this hack was happening.

It is their job to protect critical infrastructure. Throw in DOE's security peeps and the Department of Transportation while we are at it.

Seriously, what do these people do all day?

From VICE, May 13:
Pentagon Surveilling Americans Without a Warrant, Senator Reveals
A letter obtained by Motherboard discusses internet browsing, location, and other forms of data.

The Pentagon is carrying out warrantless surveillance of Americans, according to a new letter written by Senator Ron Wyden and obtained by Motherboard.

Senator Wyden's office asked the Department of Defense (DoD), which includes various military and intelligence agencies such as the National Security Agency (NSA) and the Defense Intelligence Agency (DIA), for detailed information about its data purchasing practices after Motherboard revealed special forces were buying location data. The responses also touched on military or intelligence use of internet browsing and other types of data, and prompted Wyden to demand more answers specifically about warrantless spying on American citizens....


Got it. Can't protect critical infrastructure but can do warrantless spying.