Colonial Pipeline Paid Ransomware Criminals $5m – Report

The Colonial Pipeline ransomware attack last week has taken a fresh twist, after the criminals behind the attack were reportedly paid a sickening amount of money.

Bloomberg, CNN, and other US media sources all citing their own sources, reported that a ransom was paid – to the tune of $5 million.

This payment of the ransom contradicts reports earlier this week that the company had no intention of paying a ransom to help restore the country’s largest fuel pipeline, despite the firm reportedly having an insurance policy in place for just such an eventuality.

Payment made

According to Bloomberg, the Georgia-based operator of the pipeline paid the $5 million in cryptocurrency within hours after the attack.

That quick payment underscored the immense pressure the operator was under to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, people told Bloomberg.

A third person familiar with the situation said US government officials are aware that Colonial made the payment.

Once they received the payment, the hackers reportedly provided the operator with a decrypting tool to restore its disabled computer network.

The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

A representative from Colonial declined to comment.

Devastating attack

Colonial said it began to resume fuel shipments around 5pm Eastern time Wednesday, but there is still reports of widespread disruption in parts of the United States, with fuel supplies running out at petrol stations, and passenger jets having to make extra stops on their flights to refuel.

The attack was carried out by the criminal group called DarkSide, which is reportedly based in Russia or eastern Europe.

Earlier this week British Foreign Secretary Dominic Raab warned Russia that it cannot continue to shelter criminal gangs carrying out ransomware attacks on Western nations.

US President Joe Biden was briefed about the cyber-attack this past week and had already enacted emergency powers to deal with the disruption.

Also this week President Biden signed an executive order designed to enhance cyber security in the US.

As part of that order, federal agencies will be required to introduce multi-factor authentication to their systems and encrypt all data within six months in a bid to make it harder for hackers to penetrate their IT infrastructure.

Bloomberg News asked President Biden if he had been briefed on Colonial Pipeline making the ransom payment to the criminals, the president paused, then said: “I have no comment on that.”

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Google Must Face Trial In Ad Tech Monopoly Case

Google loses bid for summary judgement as judge says 'too many facts in dispute' as…

8 hours ago

Silicon In Focus Podcast: Feeding the Machine

Learn how your business can meet the challenges associated with managing data across multiple platforms…

8 hours ago

Apple, Meta Likely To Face EU Antitrust Charges

Apple, Facebook parent Meta reportedly likely to face EU antitrust charges before August under new…

8 hours ago

Adobe Shares Jump On AI Success

Adobe shares post biggest gains in more than four years after it reports user take-up…

9 hours ago

Winklevoss’ Gemini To Pay $50m In Crypto Fraud Settlement

Winklevoss twins' Gemini Trust to pay $50m to settle cypto fraud claims over failed Gemini…

9 hours ago

Meta Delays EU AI Launch After Privacy Complaints

Meta delays Europe launch of AI in Europe after user, privacy group complaints over plans…

10 hours ago