The head of Colonial Pipeline confirmed that the company paid the criminals a ransom after the largest pipeline operator in the United States suffered from the DarkSide ransomware attack in mid-May 2021.
The attack caused problems with the supply of gasoline, diesel fuel, aviation fuel, and other refined products, and an emergency regime was introduced in a number of states.
The incident forced Colonial Pipeline to temporarily suspend operations, and the company is transporting petroleum products between refineries located on the Gulf Coast and markets in the south and east of the United States. The company’s 5,500-mile pipeline carries up to 2,500,000 barrels per day, roughly 45% of all fuel consumed on the US East Coast.
At the end of last week, Bloomberg, citing its own anonymous sources, reported that the company had paid a ransom of $5,000,000 to the ransomware operators. Although the Washington Post and Reuters previously wrote that the company did not intend to negotiate with the attackers, Bloomberg said that this information was not true.
Colonial Pipeline CEO Joseph Blount officially confirmed to Wall Street Journal reporters today that the company paid the cybercriminals a ransom of $4.4 million in bitcoins. According to him, it was necessary to recover as quickly as possible from the ransomware attack, which had an impact on critical energy infrastructure. Blount calls the ransom payment “the right thing to do” for the country.
In the end, the company did receive a tool for decrypting data, but, as previously reported, it worked so slowly that in the end, the company’s specialists were forced to continue the previously started recovery of systems from backups.
Let me remind you that After the sensational cyberattack on the American fuel giant Colonial Pipeline, experts proposed a kind of “vaccine” against Russian hackers.