FixMeStick’s Weekly Cybersecurity Roundup: May 4th – May 10th

Hey there, FixMeFans and StartMeStars! We’re back with another edition of our weekly cybersecurity roundup where we deliver the most recent comings and goings of the cybersecurity world.

This week we’re coming to you with news on how a ransomware gang has started leaking data from the Metropolitan Police Department, and how a recent cyberattack has forced a major US fuel pipeline to shut down.

Image of a police car.

Recently, the ransomware operators behind Babuk Locker have started leaking information after hacking into the Metropolitan Police Department.

According to reports, negotiations between the police department and the ransomware group went sour, prompting the cybercriminals to initially release 150 MB worth of data from DC Police officers’ personal files. While this amount of data may seem minuscule, the cybercriminals state that it’s only the beginning – if the police department doesn’t agree to pay the demanded ransom, they’ll continue to release a total of 250 GB of encrypted files onto the web.

The Metropolitan Police Department initially reported the hack last month, however it appears as though they haven’t met the demands of the ransom. The Babuk Locker ransomware group initially gained notoriety for hacking the NBA’s Houston Rockets back in April.

Curious? You can read up on the situation here!

Image of a pipeline, relating the reason ransomware attack on a pipeline.

In major breaking news, a recent cyberattack has caused the shutdown on one of the largest pipelines in the US. Colonial Pipeline, the pipeline’s operator, said that the incident involves ransomware, and is likely linked to the DarkSide ransomware group.

Colonial Pipeline, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor, said it learned of the cyberattack on Friday and promptly halted operations. DarkSide, the group responsible for the attack, had hacked the Colonial network, downloaded 100 gigs of data and demanded payment of ransom to hand back control, according to a report from Reuters. DarkSide has been linked to several attacks in the past, and typically targets non-Russian speaking organizations, though it claims to be apolitical when it comes to ransomware targets.

The recent cyberattack has come after rising concerns over the cybersecurity vulnerabilities in America’s infrastructure. And while President Biden’s administration has launched an effort to beef up the nation’s cybersecurity, these efforts inevitably didn’t help protect the major pipeline from the current ransomware attack. Colonial is reportedly working with Fire Eye to root out the hackers, who according to their website are not terrorists, simply “apolitical” opportunists.

You can read more about the situation here!

That’s all for this week’s roundup folks! We hope you’re staying safe with all that’s going on, especially when it comes to your cybersecurity!