By Moon Of Alabama
May 12, 2021 "Information
Clearing House" - - "Moon
- " Emotet had nothing to do with
Now the U.S. is accusing Russia of somehow having
President Joe Biden said Monday that a
Russia-based group was behind the ransomware
attack that forced the shutdown of the largest
oil pipeline in the eastern United States.
The FBI identified the group behind the hack
of Colonial Pipeline as DarkSide, a shadowy
operation that surfaced last year and attempts
to lock up corporate computer systems and force
companies to pay to unfreeze them.
"So far there is no evidence ... from our
intelligence people that Russia is involved,
although there is evidence that actors,
ransomware is in Russia," Biden told reporters.
"They have some responsibility to deal with
this," he said.
Three days after being forced to halt
operations, Colonial said Monday it was moving
toward a partial reopening of its 5,500 miles
(8,850 kilometers) of pipeline — the largest
fuel network between Texas and New York.
Biden however is badly informed. There is no
evidence that DarkSide has anything to do with
Russia. It is, like Emotet, a
commercial 'ransomware-as-a-service' criminal entity
that wants to make money and does not care about
No Advertising - No Government Grants - This Is
Yes, a version of the DarkNet software does
exclude itself from running on system with
specific language settings:
The DarkSide malware is even built to conduct
language checks on targets and to shut down if
it detects Russian, Ukrainian, Belarusian,
Armenian, Georgian, Kazakh, Turkmen, Romanian,
and other languages ...
That is a quite long list of east European
languages and Russian is only one of it. Why the
authors of DarkNet do not want their software to run
on machines with those language settings is unknown.
But why would a Russian actor protect machines with
Ukrainian or Romanian language settings? Both
countries are hostile towards Russia. To claim that
this somehow points to Russian actors is therefore
rejected Biden's accusation:
The Kremlin has once again pointed out the
importance of cooperation between Moscow and
Washington in tackling cyberthreats amid a
cyber-attack on Colonial Pipeline, a US company.
"Russia has nothing to do with these hacker
attacks, nor with the previous hacker attacks,"
Kremlin Spokesman Dmitry Preskov assured
reporters on Tuesday.
"We categorically reject any accusation
against us, and we can only regret that the US
is refusing to cooperate with us in any way to
counter cyber-threats. We believe that such
cooperation - both international and bilateral -
could indeed contribute to the common struggle
against this scourge [known as] cyber-crime,"
The U.S. seems notoriously bad at attributing
computer hacks. It claims that the recent SolarWinds
attack which intruded several government branches
was also done by Russia. But that attack
required deep insider knowledge and access to
The recently discovered deep intrusion into
U.S. companies and government networks used a
manipulated version of the SolarWinds Orion
network management software. The Washington borg
immediately attributed the hack to Russia. Then
President Trump attributed it to China. But none
of those claims were backed up by facts or known
The hack was extremely complex, well managed
and resourced, and likely required insider
knowledge. To this IT professional it 'felt'
neither Russian nor Chinese. It is far more
likely, as Whitney Webb finds, that
Israel was behind it.
Indeed - the programmers of an Israeli company,
recently bought up by SolarWinds, had all the
necessary access for such a hack. However the U.S.
sanctioned Russia over the SolarWinds hack without
providing any evidence of its involvement.
If the U.S. continues to blame Russia without any
evidence for each and every hack there may come a
time when Russia stops caring and really starts to
hack into or destroy important U.S. systems. The
U.S. should fear that day.
Registration is necessary to post comments.
We ask only that you do not use obscene or offensive
language. Please be respectful of others.