Covering COVID-19 is a daily Poynter briefing of story ideas about the coronavirus and other timely topics for journalists, written by senior faculty Al Tompkins. Sign up here to have it delivered to your inbox every weekday morning.

Close to half of the gasoline, diesel fuel and jet fuel that the East Coast states consume moves silently through Colonial Pipeline. Without that pipeline carrying 2.5 million barrels —  that’s 100 million gallons — a day, we would have to have a nonstop parade of tractor-trailers hauling fuel from Houston to New York.

The Colonial Pipeline has been closed since Friday due to a cyberattack. The U.S. Department of Transportation issued an emergency order allowing truck drivers to work longer hours and transport fuel over-the-road in Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.

Roger Read, an analyst for Wells Fargo, says there are three scenarios to consider in the days ahead. Each scenario is premised on how long the shutdown lasts:

1. Fewer than five days: If a partial restart of the pipeline begins by Wednesday, there will be “no significant or lasting impacts.”
2. Six to 10 days: Refiners may need to reduce the amount of crude oil they process if the pipeline remains shut for up to 10 days. Inventories will rise in the U.S. Gulf Coast, causing prices to fall, while prices in the East Coast would jump, the analyst said. The East Coast is also likely to import more waterborne fuel, and spot shortages will start to take place in parts of the Southeast.
3. More than 10 days: Refiners in the Gulf Coast will almost definitely have to reduce their runs, and oil prices may weaken compared with waterborne crudes to encourage exports. “Expect significant fuel shortages in the interior Southeast of the U.S.,” Wells Fargo said in the note.

Colonial says it will take several more days to get the pipeline flowing again. Bloomberg reports:

Emergency shipments of gasoline and diesel from Texas already are on the way to Atlanta and other southeast cities via trucks, and at least one Gulf Coast refinery began trimming output amid expectations that supplies will begin backing up in the nation’s oil-refining nexus. Airlines flying out of Philadelphia International Airport are burning through jet-fuel reserves and will need to locate new supplies “soon,” a spokeswoman said.

Government officials haven’t advised Colonial on whether it ought to pay the ransom, Deputy National Security Adviser for Cyber and Emerging Technologies Anne Neuberger said during a briefing.

Who is Darkside?

The FBI says a ransomware group called Darkside is behind the pipeline attack. Darkside, which has been around since mid-2020, claims to be a sort of “Robin Hood” organization that does not attack medical, educational or government targets — only large corporations. The group claims that it donates a portion of what it takes to charity.

In fact, Darkside takes a sort of corporate view of its illegal activity and released a press statement about how it targets victims:

(Dark Shadows)

Darkside has hit at least 80 companies with ransomware in the last year. Cybersecurity company Dark Shadows says, “DarkSide is no different from its counterparts but is indeed the latest representation of the rising Ransomware-as-a-Corporation (RaaC) trend. Cybercriminals have seen their revenues steadily increase in the last years, making the ransomware market extremely prolific. Consequently, we’ve observed frequent attempts from threat actors to upscale their operations’ external appearance to improve their reliability and reputation.”

Darkside generally targets English-speaking victims and avoids Russian-speaking businesses.

Dark Shadows explains the business of ransomware threats:

The operators behind DarkSide harvest the clear text data from their victim’s server before encrypting it and requesting a ransom. The stolen data is then uploaded to DarkSide’s leak website, which serves as a powerful extortion tool for the threat group. The targeted company risks sensitive data loss after a successful attack, and not to mention, a public breach can severely damage an organization’s reputation. If this tactic sounds familiar to you, you’re right on the money — we’ve been closely following the pay-or-get-breached trend since late 2019.

Should companies pay ransoms?

Law.com reported recently that the federal government is making it more difficult for companies to pay ransoms to keep their data private:

The U.S. Treasury Department however, is now stepping in with official guidance in an advisory published October 1st. It warns that any companies or contractors a hacked organization works with including those providing insurance, incident response, and digital forensics as well as all financial services that help facilitate or process ransom payments, could be subject to fines in addition to the victimized organization itself from the Office of Foreign Assets Control if payments are made to certain identified notoriously high-profile cybercrime organizations, or entities in certain countries.

According to a new report by The Crypsis Group, ransomware demand costs could reach new highs this year, exceeding $1.4 billion in the United States. Increasingly, insurance companies are refusing to pay ransomware claims.

When victims do pay ransoms, more than 90% do not get their data back. Forbes reports:

According to the Sophos State of Ransomware 2021 report, the number of organizations deciding to pay a ransom has risen to 32% in 2021 compared to 26% last year. Here’s the thing though, that same global survey discovered that only 8% of them got all their data back despite doing so. Nearly a third, 29%, couldn’t recover more than half the encrypted data.

Even what appears to be some good news in the report, that the number of organizations whose data was encrypted by ransomware dropped from 73% in 2020 to 54% in 2021, is tempered by the new reality of ransom attack behavior.

The Sophos research suggests that average ransomware recovery costs are now $1.85 million compared to $761,106 a year ago. While the ransoms themselves vary tremendously, based on the size of the victim organization and the value of the data stolen, Sophos found the average paid to be $170,404. This isn’t altogether surprising given that even those big numbers that we see reported, such as the $50 million demanded from Quanta and Apple, or the $10 million from Garmin, would not be the amount actually paid if they decided to take that option. Ransom negotiators are now a standard part of ransomware incident response, and final ransoms paid tend to be a fraction of the original demand.

When will we drop the masks?

A “masks required” sign is affixed to a window of Sally Beauty on Tuesday, June 23, 2020, in Salt Lake City. (AP Photo/Rick Bowmer)

Dr. Anthony Fauci predicts that the Centers for Disease Control and Prevention will soon recommend that vaccinated people can relax mask-wearing indoors. Dr. Scott Gottlieb, the former commissioner of the Food and Drug Administration, says it is time to start offering a sort of reward for people to get vaccinated, and relaxing indoor mask requirements would be one way to do that.

New Ipsos polling taken after the CDC revised its guidelines for when vaccinated people can safely take off their masks shows vaccinated people are still more likely to wear a mask than those who choose to be unvaccinated.

“But the share of vaccinated people who reported wearing masks at all times has dropped since mid-April. It’s now 63%, down from 74% in the April 16-19 Axios-Ipsos Coronavirus Index poll.”

(Axios)

The least likely generation to wear masks at all times? That’s Generation X (41-56-year-olds), at 51%. That’s compared to 59% of baby boomers, 57% of millennials, and 65% of Gen Z.

As much attention as anti-maskers get, there is another segment among us who are considered “forever-maskers.” They kind of like the protection of a mask coupled with the anonymity and the fact that mask-wearing provides protection against a range of germs and viruses, including the flu and colds. Refinery29 put it this way:

“It’s no different than having a drink or taking a drug or running or any number of ways that we kind of manage our anxiety,” clinical psychologist Lina Perl told Intelligencer about people who choose to wear face masks even after the danger of COVID-19 is gone. “But you can get disconnected from the actual danger.” While she understands why forever maskers choose to continue to hide their faces, Perl also voiced her hope that they “don’t underestimate the loss of [human] connection,” which society will achieve again once our faces are back out in full display.

Still, outside of mental health reasons like anxiety, Americans wanting to make face masks a permanent part of our culture is growing in popularity. The conversation has persisted since 2020, with the general consensus being that the country as a whole could stand to adopt cleaner habits.

An article in The Atlantic ignited some fury when it said “very liberal” people are being “overcautious” by continuing “to embrace policies and behaviors that aren’t supported by evidence.”

Dr. Fauci says that even when the pandemic is past us, we may wear masks seasonally from now on. He said, “We’ve had practically a nonexistent flu season this year merely because people were doing the kinds of public health things that were directed predominantly against COVID-19.”

People released from prison during COVID-19 may be forced to return

USA Today is reporting about a Trump-era document that may order thousands of people who were released from federal prisons during the height of the pandemic to return to prison:

24,000 nonviolent federal prisoners have been allowed to serve their sentences at home to slow the spread of COVID-19 inside prisons. But a Justice Department memo issued in the final days of the Trump administration says inmates whose sentences will extend beyond the pandemic must be brought back to prison.

Advocates urged the Justice Department to rescind the memo, saying it defeats the whole idea of rehabilitation and contradicts President Joe Biden’s campaign promise to allow people with criminal pasts to redeem themselves.

Of the 24,000 prisoners who were allowed to go home, 151 — less than 1% — have violated the terms of their home confinement and three have been arrested for new crimes.

The Federal Bureau of Prisons says it is not in a rush to make a decision on the matter.

Variant cases are now shown by region

The CDC used to display variant numbers by state. Now the CDC is posting the number of variant cases by region. I can see that in some ways this might be more useful to spot trends as people travel to states closest to where they live.

(CDC)

You can still get the individual state numbers but you will have to go to this chart and do a little math.

(Tableau/Strain Surveillance)

So, you will go to the total sequences per state and use the percentage for each variant against the sequence. But, truthfully, the percentages are more telling if you are looking for trends.

Brits say there will be a third shot by the end of the year

While much of the world is trying to get the first round of COVID-19 vaccines delivered, The Times of London says Britain is planning a third “booster shot” for people over age 50 before the end of the year. The paper says the booster shot may be engineered to protect against variants that have emerged since the first round of vaccinations.

We’ll be back tomorrow with a new edition of Covering COVID-19. Are you subscribed? Sign up here to get it delivered right to your inbox.