Colonial Pipeline Paid Ransomware Criminals $5m – Report

The Colonial Pipeline ransomware attack last week has taken a fresh twist, after the criminals behind the attack were reportedly paid a sickening amount of money.

Bloomberg, CNN, and other US media outlets, all citing their own sources, reported that a ransom was paid – to the tune of $5 million.

This payment of the ransom contradicts reports earlier this week that the company had no intention of paying a ransom to help restore the country’s largest fuel pipeline, despite the firm reportedly having an insurance policy in place for just such an eventuality.

Payment made

According to Bloomberg, the Georgia-based operator of the pipeline paid the $5 million in cryptocurrency within hours of the attack.

That quick payment underscored the immense pressure the operator was under to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, people told Bloomberg.

A third person familiar with the situation said US government officials are aware that Colonial made the payment.

Once they received the payment, the hackers reportedly provided the operator with a decrypting tool to restore its disabled computer network.

The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

A representative from Colonial declined to comment.

Devastating attack

Colonial said it began to resume fuel shipments around 5pm Eastern time Wednesday, but there are still reports of widespread disruption in parts of the United States, with fuel supplies running out at petrol stations, and passenger jets having to make extra stops on their flights to refuel.

The attack was carried out by the criminal group called DarkSide, which is reportedly based in Russia or eastern Europe.

Earlier this week British Foreign Secretary Dominic Raab warned Russia that it cannot continue to shelter criminal gangs carrying out ransomware attacks on Western nations.

US President Joe Biden was briefed about the cyber-attack this past week and had already enacted emergency powers to deal with the disruption.

Also this week President Biden signed an executive order designed to enhance cyber security in the US.

As part of that order, federal agencies will be required to introduce multi-factor authentication to their systems and encrypt all data within six months in a bid to make it harder for hackers to penetrate their IT infrastructure.

When Bloomberg News asked President Biden if he had been briefed on Colonial Pipeline making the ransom payment to the criminals, the president paused, then said: “I have no comment on that.”

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
