Colonial Pipeline Reportedly Paid Russian Hackers More Than $4 Million to Restore Gas Line
Colonial Pipeline Company reportedly paid nearly $5 million to Eastern European hackers to restore its gas line, according to several Friday reports.
Bloomberg cited two anonymous sources familiar with the transaction who said the company paid the ransom in cryptocurrency within hours of the attack, contradicting reports that stated the company was not likely to pay the extortion fee.
A third person told the outlet that government officials are aware that the Georgia-based operator made the payment.
However, when President Joe Biden was asked about the ransom payment reports, he told reporters he had “no comment,” according to Fox Business.
Colonial operates the largest fuel pipeline in the United States — providing roughly half of all diesel and gasoline on the East Coast — and became aware of the cyberattack last Friday, promptly shutting down its operations.
Because of the shutdown, there was a shortage of fuel at many gas stations along the Coast.
After hackers received the payment, they gave the operator a decrypting tool to restore the disabled online network, according to Bloomberg.
The Federal Bureau of Investigation said the hackers were linked to a group called DarkSide, which specializes in digital extortion and is believed to be located in Russia or Eastern Europe.
“These payments have been made to the terrorists,” billionaire businessman John Castimidis told Fox Business on Thursday morning.
“I understand from my sources that $4 million was paid.”
The FBI discourages organizations from paying ransom to hackers because there is no guarantee they will unlock the victim’s files and provides incentives for future hackers, according to Bloomberg.
“We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data,” Anne Neuberger, the White House’s top cybersecurity official, told reporters Monday.
CEO and founder of digital forensics firm LIFARS, and a former cyber expert at Loews Corp., Ondrej Krehel said Colonial didn’t have a choice.
“This is a cyber cancer. You want to die or you want to live? It’s not a situation where you can wait,” Krehel said.
He added that a $5 million ransom was “very low” because “ransom is usually around $25 million to $35 million for such a company.”
“I think the threat actor realized they stepped on the wrong company and triggered a massive government response,” he said.
Biden signed an executive order Wednesday to boost America’s cyberdefenses in response to the ransomware attack, NPR reported.
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.