74 online
Most Popular Choices
Share on Facebook 32 Printer Friendly Page More Sharing
Exclusive to OpEd News:
OpEdNews Op Eds    H2'ed 5/14/21

R-a-a-S Claut! Robin Hood's Apologized to the King! UPDATED 05/15!

By       (Page 1 of 3 pages)   1 comment, In Series: Op-Eds
Follow Me on Twitter     Message John Hawkins
Become a Fan
  (9 fans)

(Image by johnny.guernica)
  Details   DMCA

R-a-a-s Claut! Robin Hood's Apologized to the King!

by John Hawkins

There's Good News for Modern Man, after all. DarkSide has a silver lining side or light side or something. They've essentially apologized for allowing Colonial Pipeline to be hacked and ransomwared. Oops. We'll do a better job of "vetting" our "affiliates" next time, they lisped in a Press Release released by the Press, a couple of days after they were fingered by the FBI as the Colonial culprit. It's enough to make a Gideon Bible-pounder out of you.

Today, just hours ago, Colonial announced all is copacetic and that they are speedily getting back up to speed again on the pipeline front. Windfall Accomplished! Presumably, the speediness of their recovery is because DarkSide, in issuing the apology, released the encryption of the data being held ransom. (Why apologize otherwise?) Of course, nobody's heard from DarkSide since their mea culpa announcement, and so we don't know if someone was squeezing Robin Hood by his hairy walnuts to get him to squeal like that or not -- Colonial's not saying. But something's not right. In fact, something's daft about the whole thing.

I say, why apologize, if you're not going to hand over encryption key, but then I read in the Times that no ransom was paid. Well, then how did they decrypt the system? Then, when I was pondering that wonderment, I read in the same piece that "only the back office" system was affected, which usually means databases and file servers, but not the control system for the pipeline. Hmmmmmmm. Then, I'm reading that the Intrusion Security specialists, Mandiant, were helping Colonial to rebuild its presumed servers and databases from "back-ups." Hmmmmmm. Sounds unlikely. You'd bring in back-office specialists, not spear-phishing experts.

Another curious development was the discovery by "the FBI" that the server on which the data stolen from Colonial was stored on a server located in New York. And in a Wired story, an executive for CrowdStrike was quoted as saying that the cybersecurity company had been tracking DarkSide aka "Carbon Spider." But despite public statements that DarkSide does not attack Russians, that is contradicted in CrowdStrike's own listing of DarkSide/Carbon Spider adversaries. The Russian Federation is clearly listed a s a target.

Let's recall that DarkSide has been referred to as the Robin Hood of ransomwarers. They swear they won't harm education, medical, or government stuff. They happily put out that they're "in it for the money" (good cappies, no worries) and not to upset the money cart of capitalism ("no geologypolitics are us!"). DarkSide is just a ransomware-as-a-service (Raas); they're service providers. Thuposedly the way it works is that an otherwise "free-for-all" associate has a target in mind that the core DarkSide builds a ransomware kit for and the installation is carried out by the associates. The associate gets about 75% of the proceeds, DS the rest. And some of that "the rest" gets donated to Children's Services (who reject it). This led to a number of what seems to me commonsense questions, which I forwarded to a techie who writes about ransomware and stuff at their site. Here are the questions:

1. If affiliates can attack whoever they want, as your piece says, then why do they need to go to the core for ransomware?

2. Following from 1., how would the core implement their credo (do no harm), if it's a free-for-all that they develop ransomware for?

3. Following from 2., how could the core not have known that the affiliate was targeting Colonial, if the ransomware is built around the target?

4. I was under the impression that ransomware is tailored to a target. Is that wrong?

5. Is the ransomware generic then?

6. Why would DarkSide, IYHO, essential say, oops, and apologize, and agree to "vet" from now on. Dunno, sounds kind of girly.

7. But following from 6., Colonial is not the only oil and gas corporation that DarkSide targeted. I saw a list where they'd targeted 3 in total. Will they be issued apologies too?

8. GEOpolitical question: Technically speaking, what would be the advantage of storing data leaks on servers in Iran? Wouldn't the servers be on the Internet? Ergo, hackable by NSA agents, say? Why would Iran be okay with such an announcement now at such a politcally sensitive time?

Next Page  1  |  2  |  3

(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).

Rate It | View Ratings

John Hawkins Social Media Pages: Facebook page url on login Profile not filled in       Twitter page url on login Profile not filled in       Linkedin page url on login Profile not filled in       Instagram page url on login Profile not filled in

John Kendall Hawkins is an American ex-pat freelance journalist and poet currently residing in Oceania.

Go To Commenting
The views expressed herein are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.
Follow Me on Twitter     Writers Guidelines

Contact AuthorContact Author Contact EditorContact Editor Author PageView Authors' Articles
Support OpEdNews

OpEdNews depends upon can't survive without your help.

If you value this article and the work of OpEdNews, please either Donate or Purchase a premium membership.

If you've enjoyed this, sign up for our daily or weekly newsletter to get lots of great progressive content.
Daily Weekly     OpEd News Newsletter
   (Opens new browser window)

Most Popular Articles by this Author:     (View All Most Popular Articles by this Author)

Chicago 7: Counter Cultural Learnings of America for Make Money Glorious Nation of Post-Truthvaluestan

Sonnet: Man-Machine: The Grudge Match

Outing the Appendix: The Climate Change Wars

Q and A with Carey Gillam of The New Lede

Sonnet: Mother's Day Poem

Finding the Mother Tree: An Interview with Suzanne Simard

To View Comments or Join the Conversation:

Tell A Friend