DarkSide, the criminal group identified by the FBI for being behind the ransomware attack on the Colonial Pipeline, said its aim is to "make money" but not create problems for society.
The National looks at the group's history and how it works.
What is DarkSide?
DarkSide is a relatively new group that released a ransomware strain which made its first appearance in August. Recently, it announced the release of an advanced version called DarkSide 2.0. The new version is twice as fast as the previous one and encrypts files more quickly than any other ransomware on the market, according to cyber experts.
"They are very new but they are very organised," Lior Div, chief executive and co-founder of Boston-based security firm Cybereason, said.
Who are its targets?
The group stresses it is not political, but so far has targeted largely English-speaking countries and avoided the economies of former Soviet states, according to Cybereason.
Its ransom demands range between $200,000 to $2 million and the group has published stolen data from more than 40 victims, who are believed to represent just a fraction of the overall number of victims.
How does it operate?
DarkSide follows the RaaS (ransomware-as-a-service) model, meaning it will sell or lease ransomware to others to perform attacks. The group also has a help desk to facilitate negotiations with victims and to collect information about their targets – not just technical details but also other general information on victims.
"By collecting information, the group is making sure the ransomware is only used against the right targets. The group claims they only target large, profitable companies in their ransomware attacks and claims to have extorted millions of dollars from companies," Cybereason said in a blog.
DarkSide reportedly tried to donate around $20,000 in stolen Bitcoin to different charities, but they refused to accept the funds because of the illegitimate source.
Is it really behind the Colonial Pipeline attack?
Some industry experts suggested that Ryuk ransomware, linked with Russian criminal groups, is behind the attack on the Colonial Pipeline.
With more than 2,000 victims this year, Ryuk is “by far one of the most successful ransomwares”, Ram Narayanan, a Middle East-based manager at US security firm Check Point, said.
“While the US is one of Ryuk’s favourite markets, it is also targeting the UAE and there have been six attacks by Ryuk on UAE organisations so far this year. Globally, 2021 is seeing a huge and worrying surge in ransomware, with a 56 per cent increase compared to the end of last year,” Mr Narayanan added.
How do companies avoid attacks?
The best way for companies to try to avoid becoming victims is to invest in the training of their employees and strengthening their systems to avoid criminal entities like DarkSide and Ryuk.
“This is a nightmare scenario with lasting, real-world repercussions. Infrastructure today is so vulnerable that just about anyone who wants to get in can get in,” Dan Schiappa, chief product officer at British security firm Sophos, said.
“There is a clear national security value for foreign powers [who] want to shut down fuel supply throughout the nation. They are hitting where it hurts, hedging bets on a large payout,” he added.
New research by Sophos found that infrastructure organisations are more likely to pay a ransom than any other industry, with 43 per cent of the victims submitting to demands.
“Organisations must start investing in cyber security preparedness and awareness training … focus on prevention by implementing strong resiliency measures and ensure that employees are properly trained,” Francis Gaffney, director of threat intelligence and response at London-based cyber security company Mimecast, said.
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Revibe%20%0D%3Cbr%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202022%0D%3Cbr%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Hamza%20Iraqui%20and%20Abdessamad%20Ben%20Zakour%20%0D%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20UAE%20%0D%3Cbr%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20Refurbished%20electronics%20%0D%3Cbr%3E%3Cstrong%3EFunds%20raised%20so%20far%3A%3C%2Fstrong%3E%20%2410m%20%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EFlat6Labs%2C%20Resonance%20and%20various%20others%0D%3C%2Fp%3E%0A
Specs
Engine: Dual-motor all-wheel-drive electric
Range: Up to 610km
Power: 905hp
Torque: 985Nm
Price: From Dh439,000
Available: Now
SPECS
%3Cp%3E%3Cstrong%3EEngine%3A%20%3C%2Fstrong%3E4-litre%20flat-six%0D%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E525hp%20(GT3)%2C%20500hp%20(GT4)%0D%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E465Nm%20(GT3)%2C%20450Nm%20(GT4)%0D%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3ESeven-speed%20automatic%0D%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh944%2C000%20(GT3)%2C%20Dh581%2C700%20(GT4)%0D%3Cbr%3E%3Cstrong%3EOn%20sale%3A%20%3C%2Fstrong%3ENow%0D%3Cbr%3E%3C%2Fp%3E%0A
Ten tax points to be aware of in 2026
1. Domestic VAT refund amendments: request your refund within five years
If a business does not apply for the refund on time, they lose their credit.
2. E-invoicing in the UAE
Businesses should continue preparing for the implementation of e-invoicing in the UAE, with 2026 a preparation and transition period ahead of phased mandatory adoption.
3. More tax audits
Tax authorities are increasingly using data already available across multiple filings to identify audit risks.
4. More beneficial VAT and excise tax penalty regime
Tax disputes are expected to become more frequent and more structured, with clearer administrative objection and appeal processes. The UAE has adopted a new penalty regime for VAT and excise disputes, which now mirrors the penalty regime for corporate tax.
5. Greater emphasis on statutory audit
There is a greater need for the accuracy of financial statements. The International Financial Reporting Standards standards need to be strictly adhered to and, as a result, the quality of the audits will need to increase.
6. Further transfer pricing enforcement
Transfer pricing enforcement, which refers to the practice of establishing prices for internal transactions between related entities, is expected to broaden in scope. The UAE will shortly open the possibility to negotiate advance pricing agreements, or essentially rulings for transfer pricing purposes.
7. Limited time periods for audits
Recent amendments also introduce a default five-year limitation period for tax audits and assessments, subject to specific statutory exceptions. While the standard audit and assessment period is five years, this may be extended to up to 15 years in cases involving fraud or tax evasion.
8. Pillar 2 implementation
Many multinational groups will begin to feel the practical effect of the Domestic Minimum Top-Up Tax (DMTT), the UAE's implementation of the OECD’s global minimum tax under Pillar 2. While the rules apply for financial years starting on or after January 1, 2025, it is 2026 that marks the transition to an operational phase.
9. Reduced compliance obligations for imported goods and services
Businesses that apply the reverse-charge mechanism for VAT purposes in the UAE may benefit from reduced compliance obligations.
10. Substance and CbC reporting focus
Tax authorities are expected to continue strengthening the enforcement of economic substance and Country-by-Country (CbC) reporting frameworks. In the UAE, these regimes are increasingly being used as risk-assessment tools, providing tax authorities with a comprehensive view of multinational groups’ global footprints and enabling them to assess whether profits are aligned with real economic activity.
Contributed by Thomas Vanhee and Hend Rashwan, Aurifer
Awar Qalb
Director: Jamal Salem
Starring: Abdulla Zaid, Joma Ali, Neven Madi and Khadija Sleiman
Two stars
WOMAN AND CHILD
Director: Saeed Roustaee
Starring: Parinaz Izadyar, Payman Maadi
Rating: 4/5
Sholto Byrnes on Myanmar politics
Dengue%20fever%20symptoms
%3Cul%3E%0A%3Cli%3EHigh%20fever%3C%2Fli%3E%0A%3Cli%3EIntense%20pain%20behind%20your%20eyes%3C%2Fli%3E%0A%3Cli%3ESevere%20headache%3C%2Fli%3E%0A%3Cli%3EMuscle%20and%20joint%20pains%3C%2Fli%3E%0A%3Cli%3ENausea%3C%2Fli%3E%0A%3Cli%3EVomiting%3C%2Fli%3E%0A%3Cli%3ESwollen%20glands%3C%2Fli%3E%0A%3Cli%3ERash%3C%2Fli%3E%0A%3C%2Ful%3E%0A%3Cp%3EIf%20symptoms%20occur%2C%20they%20usually%20last%20for%20two-seven%20days%3C%2Fp%3E%0A
