Sunny Tran, a 36-year-old nail technician with tattooed biceps and a minivan, couldn’t blame his crummy Thursday-morning drive on the usual Maryland traffic.
No, he was traveling all over Prince George’s County looking for a station that still had gas because some dudes who are thousands of miles away — most likely in Russia — hacked the computer system of the pipeline that delivers fuel to cities up and down the Eastern Seaboard.
When Colonial Pipeline announced the attack May 7, people rushed to panic-buy fuel, snowballing the problem. You could almost hear “My Sharona” playing on an eight-track in the background as the East Coast was transported back to the fuel crisis of 1979, when gas-station lines stretched for ages.
I whipped out my phone to check my GasBuddy app when I heard the news, and sure enough all the spots along my errand route showed a gas pump crossed out.
DarkSide, the cyberbandits who claimed responsibility for the attack, sound as if they’ve watched Money Heist one too many times, borrowing from the wildly popular Spanish series’ premise — that you can steal without hurting people.
“We are apolitical, we do not participate in geopolitics,” read an online statement from DarkSide. “… Our goal is to make money, and not creating problems for society.”
They issued a declaration of their ethics, saying they won’t launch their ransomware into the computer systems of medical institutions, funerals, educational institutions, nonprofit organizations or the government sector — they don’t want to hurt everyday people.
Except that’s never the case. Everyday people always get hurt.
Just a few days before the pipeline attack, the members of the House Homeland Security Committee were warned of the coming danger of ransomware attacks.
“Considered a low-dollar, online nuisance crime only a few short years ago, ransomware has exploded into a multibillion-dollar global racket that threatens the delivery of the very services so critical to helping us collectively get through the COVID pandemic,” said Christopher Krebs, who formerly headed the Department of Homeland Security’s cybersecurity agency and testified May 5 before the House panel’s subcommittee on cybersecurity, infrastructure protection and innovation.
“To put it simply, we are on the cusp of a global pandemic of a different variety, driven by greed, an avoidably vulnerable digital ecosystem and an ever-widening criminal enterprise,” Krebs said.
Just last year, more than 115,000 kids were slammed by a different group of cyberbandits who thought Baltimore County Public Schools would be a good target for some fast cash.
Way to go, evil geniuses. Thousands of kids were home without lessons for days — adding insult to the ongoing pandemic-induced injury to their educations — when ransomware froze the district’s system.
It wasn’t just days of missed lessons at 174 schools. That hack ended up costing one of the nation’s 25 largest school districts at least $1.7 million.
How about the great irony of hooligans using ransomware called RobbinHood to cripple the entire city of Baltimore in 2019?
While robbing the poor to give to the evil — demanding just 13 bitcoin (around $100,000 at the time) — they cost the city $18 million and caused chaos in city departments. Because of the hack, people couldn’t even pay their water bills. And months later, when the attack was over, many Baltimoreans faced huge tabs from the backlog.
These reverse Robin Hoods are hobbling vulnerable people and the everyday places we live our lives.
William Wellington, 28, was feeling the pain this week. He makes a living as a delivery driver in Prince George’s and was using the final fumes in his tank to find a place to fill up for a busy workday.
I asked to talk to him about it. He hesitated a bit — worried he would run out of gas — and turned the engine off.
Wellington knew all about the hackers, and it’s part of why he’s studying to work in the IT field. After he saw his girlfriend’s bank card get hacked — twice — he thought IT security would be a growth industry he should aim for.
“There are lots of opportunities there,” Wellington said. “It’s a new world. The computer can be like a sword.”
