I’d expect $5-6 soon, IT guy here who would be one to called in.
So, this morning Colonial Pipeline’s website was pulled offline. Load balancer still there, back end app / web server isn’t.
What this means: They had access to EVERYTHING. IT is still shutting down systems. Mandiant or another cyber sec firm is likely on-site, and this is just the beginning. They’re shutting down each system one by one to likely rebuild.
This might make Maersk look small. Small stations will run dry. Larger ones should be able to have a steady supply, but expect $5-7 this summer unless they call about 1,000 people in like my and have ironclad backups off-site using Veeam or another B&R system.
EDIT: Maersk URL, biggest cyber shutdown from a ransomware. Basically all of Colonial Penn’s systems are ‘dirty’ with hackers inside for an unknown time.
US infrastructure has been targeted awhile with people asleep at the wheel.
One example, people got paid $500 to give their AD / VPN credentials to a ‘startup’ company that was actually a cybercrime front that enabled persistent access to a ton of fortune 500’s and security systems.
So stupid employee #A gives their info and password up and gets paid $500 one time + $25 per month it works. Cyber criminals auction it off on the darkweb and advertise the credentials and what access it has until someone buys it.
Someone buys it and laterally moves from a small-end user account and gets to an AD controller or even just monitoring system, and plants some custom ransomware coded to evade AV.
No SentinelOne or DarkTrace (AI / heuristics) and the entire company is affected, and has to shut down every system and rebuild.
If they have backups off-site that weren’t affected and hire an army of IT engineers you can maybe expect end of the week. If not, we’re in for a long summer.
By the fact they just took their website down this morning means they’re still shutting down systems and rebuilding one by one.
I’m personally filling up a few 5 gallons today, and damn glad I have a Tesla on order.