Colonial Pipeline Paid Hackers Millions in Ransom
Colonial Pipeline, which was forced to shut down operations last week due to a ransomware attack, paid nearly $5 million to hackers to restart their fuel pipeline.
According to a Bloomberg report that has since been confirmed by multiple outlets, the company that operates the largest gasoline pipeline in the country paid the ransom using cryptocurrency just hours following the attack, despite several reports to the contrary. DarkSide, a digital extortion group, is believed to be responsible for the hack.
Following payment, Bloomberg reported, the hackers provided the company with a decrypting tool to restore the offline network, but Colonial Pipeline continued to use its own backup systems to restart because the tool they paid for worked too slowly. The FBI usually advises companies not to pay ransoms from these types of groups because there is no way to ensure the hackers will follow through and return the files.
Colonial’s pipelines are a crucial delivery system for the eastern seaboard of the United States. According to the company, their pipelines transport 2.5 million barrels per day and supply approximately 45 percent of all fuel used on the East Coast.
As of Thursday, the company says they’ve made “substantial progress” in restarting the pipeline system. But according to CNN, citing statistics from GasBuddy, a platform that tracks fuel demand, prices, and outages, widespread shortages are expected to last for days. The network reports 71 percent of the gas stations in North Carolina, 55 percent in Virginia and 49 percent in Georgia are without gas.
On Thursday, Energy Secretary Jennifer Granholm said the restart “should mean things will return to normal by the end of the weekend.”
This week, President Joe Biden signed an executive order aimed at strengthening U.S. cybersecurity. The order, among other steps, requires IT service providers to tell the government about cybersecurity breaches, establishes a cybersecurity safety review board, and mandates the deployment of multifactor authentication and encryption methods.
“The federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life,” Biden said in the order.