Cybersecurity

Hacker group DarkSide operates in a similar way to a franchise, New York Times reporter says

Share
Key Points
  • A hacker group called DarkSide is behind the cyberattack on Colonial Pipeline that shut down a major U.S. oil pipeline.
  • “It operates something like a franchise, where individual hackers can come and receive the ransomware software and use it, as well as, use DarkSide’s reputation, as it were, to extract money from their targets, mostly in the United States,” New York Times correspondent Andrew Kramer says.
VIDEO2:1002:10
The New York Times' Andrew Kramer on the ransomware gang behind recent U.S. attacks

DarkSide, the hacker group behind the recent Colonial Pipeline ransomware attack, has a business model that's more familiar than people think, according to New York Times correspondent Andrew Kramer

"It operates something like a franchise, where individual hackers can come and receive the ransomware software and use it, as well as, use DarkSide's reputation, as it were, to extract money from their targets, mostly in the United States," Kramer said in an interview that aired Wednesday night.

Ransomware is a type of malicious software that's designed to block access to a computer system. Hackers demand a ransom payment in return for restoring access. Colonial reportedly paid a $5 million ransom to DarkSide.

Kramer told CNBC's "The News with Shepard Smith" that the franchise business model enables hackers to have significantly less computer knowledge than they once needed, because they're given ready-made software from DarkSide. 

"You do one small part of it, and the rest of it can be bought off the shelf," Kramer said.