The U.S. Department of Transportation issued an exemption covering 18 states to keep fuel moving across the country after a large distribution company came under an extortion attack.

One of the major fuel distributors in the United States had to shut down on Friday when its systems were attacked by ransomware.

According to Colonial Pipeline’s own announcement, its pipeline is the largest refined fuel pipeline in the country. About 45 percent of the fuel demand on the U.S. East Coast, or more than 100 million gallons (less than 380 million gallons), passes through the line daily.

The U.S. Department of Transportation issued an emergency order on Sunday, under which oil shipments can exceptionally be handled by land and sea until the Colonial Pipeline is back in order. The provision applies to eighteen states.

The ransomware was detected on Friday. According to Colonial Pipeline, the malware did not gain access to the company’s distribution systems, but they too were shut down as a precaution to prevent the attack from spreading to customers.

A Colonial subcontractor who commented on the matter to the American Zero Day blog said the company had told its stakeholders that the problem could not be fixed in a couple of days, but that it should not take six weeks either.

The longer the situation lasts, the more significant its consequences and knock-on effects will be. Oil market analysts reached by the British broadcaster BBC estimate that fuel prices could rise by two or three per cent on Monday. On the other hand, analysts interviewed by the news agency Associated Press were of the opinion that the effects on prices may not even occur within a few days.

According to oil market analyst Gaurav Sharma, petroleum products that should be moved onward are now accumulating, at oil refineries in Texas in particular.

“If they don’t get it fixed by Tuesday, they’re in big trouble. First the effects are felt in Atlanta and Tennessee, then the domino effect extends all the way to New York,” Sharma told the BBC.

The Colonial Pipeline logo appears on the side of a fuel depot in Woodbridge, New Jersey.

In the United States, significant cyber security incidents are quite routinely attributed to the actions of hostile states, such as Russia, China and Iran. Ransomware and its use against valuable targets, on the other hand, is a professional and diverse form of organized crime.

According to several sources, Colonial Pipeline was attacked by a criminal group calling itself Darkside. The group has been used this year as a textbook example of the industrialization of ransomware crime.

The group, which became active last fall, is now considered one of the most effective cybercrime groups, and it avoids targets in former Soviet countries. On the basis of Darkside’s targets, and especially the targets that are missing, it has been concluded that the group is from Russia or some other former Soviet state.

The conclusion is not unusual or perhaps even particularly alarming politically, as the former Soviet countries appear year after year alongside China and Brazil among the top ten producers of cybercrime.

Security researcher Chuong Dong, interviewed by the news agency Reuters, is familiar with the ransomware code used by Darkside. It is by no means technically exceptional.

Reuters also interviewed Lior Div, the director of the American security company Cybereason. Since August, ten Cybereason customers have come into contact with Darkside.

Lior Div estimates that hitting such an attention-grabbing and infrastructure-critical target as the Colonial Pipeline may have been a mistake on the criminals’ part.

“There’s no good to their business from the U.S. administration or the federal police FBI intervening,” Div said.

“That’s the last thing they need.”

In the United States there is constant concern about the attempts of foreign states to endanger the security of the superpower through computer networks. The concern is not unfounded, recalling Russian intelligence attempts to disrupt the presidential election in 2016.

In addition, a widespread supply chain attack that reached the U.S. administration through the American company Solarwinds came to light at the end of last year. A supply chain attack means that the customers of a hacked target are gradually reached through that single target. Through Solarwinds’ network monitoring programs, cyber espionage by the SVR, Russia’s foreign intelligence service, against the company’s customers was revealed.

Ransomware can also be made by a state-run hacker group. For example, in 2017, the widespread, rather rudimentary Wannacry ransomware was the handiwork of North Korea.

Ransomware attacks, however, are more often ordinary cybercrime. In recent years, a phenomenon known as big game hunting has become widespread among criminal groups using ransomware.

The game in this case is solvent companies. If the continuity of their business is under threat without data communications, the threshold for paying even a hefty ransom is lowered.

Lior Div, director of the security company Cybereason, finds the Darkside group to be effective, even though it is new. They do their background work carefully.

“Usually they know who the leader is, they know where the money is, and they know who to talk to,” Div said.