Report: Colonial confirms it paid $4.4M to pipeline hackers

The operator of the nation’s largest fuel pipeline has confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems

The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems, according to a report Wednesday from The Wall Street Journal.

Colonial Pipeline’s CEO, Joseph Blount, told the Journal he authorized the payment after the May 7 ransomware attack because the company didn’t know the extent of the damage and wasn’t sure how long it would take to bring the pipeline’s systems back.

“I know that’s a highly controversial decision,” Blount told the Journal. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”

“But it was the right thing to do for the country,” he said.

Blount said Colonial paid the ransom in consultation with experts who previously dealt with the group behind the attacks, DarkSide, which rents out its ransomware to partners to carry out the actual attacks.

Multiple sources had confirmed to The Associated Press that Colonial Pipeline had paid the criminals who committed the cyberattack a ransom of nearly $5 million in cryptocurrency for the software decryption key required to unscramble their data network.

Blount told the Journal the attack was discovered around 5:30 a.m. on May 7. It took Colonial about an hour to shut down the pipeline, which has 260 delivery points across 13 states and Washington, D.C., Blount said. That helped prevent the infection from potentially migrating to the pipeline’s operational controls.

Colonial restarted its pipeline a week ago, but it took time to resume a full delivery schedule, and the panic-buying led to gasoline shortages. More than 9,500 gas stations were out of fuel on Wednesday, including half of the gas stations in D.C. and 40% of stations in North Carolina, according to Gasbuddy.com, which tracks fuel prices and station outages.

Be the first to comment

Leave a Reply

Your email address will not be published.


*