President Joe Biden said there is “no evidence” Russia is behind the Colonial Pipeline cyberattack but said that the cybercriminal organization behind the ransomware attack may be in Russia.
The pipeline, which supplies a significant amount of fuel to the East Coast, was shut down over the past weekend due to ransomware. The firm said Monday that it is working to restore service to its four main lines.
“So far there is no evidence … from our intelligence people, that Russia is involved, although there’s evidence that the actors’ ransomware is in Russia,” Biden told reporters on Monday, adding that he is going to be meeting with Russian President Vladimir Putin soon.
Russia, Biden added, has “some responsibility” in dealing with the cyberattack. He did not elaborate further.
The FBI earlier in the day confirmed that the DarkSide ransomware was behind the incident, and cybersecurity firms have said the group is comprised of hackers who sell ransomware to other criminals to carry out attacks. The group appeared to issue a statement on Monday, saying it is not a political actor and only seeks profit.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives,” DarkSide’s statement said, according to cybersecurity firm Cybereason. “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
DarkSide, like other ransomware rings, makes its money by hacking a victim’s network and encrypting their files so they cannot be accessed by the victim. Then, the groups threaten to publish them online if they’re not paid.
Homeland Security Adviser Elizabeth Sherwood-Randall said Monday that Colonial initially shut down its systems for precautionary reasons, adding that the hackers did not reach computers that control the pipeline’s infrastructure. On Sunday, the Department of Transportation declared an emergency in 17 states that lifted restrictions on truck drivers transporting fuel.
As the pipeline stays shut down, analysts have warned of a surge in fuel prices. The Colonial system runs 5,500 miles from the Gulf Coast to Linden, New Jersey, and transports about 100 million gallons of fuel each day.
Patrick De Haan, head of petroleum analysis at GasBuddy, said that Georgia, Tennessee, and South Carolina could be hit the hardest in the coming days, according to the Wall Street Journal. A large portion of Tennessee’s fuel comes from Colonial’s lines.