Colonial pipeline hackers say they're 'apolitical' and only out to make money

The group said they would choose targets more carefully in the future.

Michael M. Santiago via Getty Images

The hacking group suspected of launching the cyberattack that choked a major US pipeline last week has issued a statement declaring it has no political motivations. "We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives," the Darkside ransomware group said on its site on the dark web, according to Motherboard.

The aftershocks from the attack on the Colonial pipeline, which supplies half of the fuel consumed along the East Coast, are still being felt. Local news outlets are reporting risks of gasoline shortages, while Reuters reports that several US refiners are booking tankers to store refined oil off the Gulf Coast. Colonial, which shut down the pipeline in response to the ransomware attack, has said that it hopes to restore services "by the end of week."

For its part, Darkside claims its aim was to "make money" and not to cause large-scale disruption. In the future, it said it would change its approach to choosing targets to avoid "social consequences." The group's statement arrives as US law enforcement continues to unearth more details about the origins of the attack. While officials are trying to uncover whether this was a coordinated effort from a nation state.

Yesterday, the FBI confirmed that the Darkside ransomware — believed to be operated by a Russian cybercrime gang of the same name — was used to carry out the attack. According to The New York Times, federal officials believe the malware was directed at the back-office operations of Colonial instead of the pipeline's control systems. A preliminary investigation reportedly revealed poor security practices that made it "fairly easy" for hackers to infiltrate the company's network.

President Biden has said that while there's no evidence of Russian government involvement, "there is evidence that the actor's ransomware is in Russia." He continued: “We have efforts underway with the FBI and DOJ [Department of Justice] to disrupt and prosecute ransomware criminals.”