Colonial Confirms Reports of $4.4 Million Ransom Payment to Gang of Pipeline Hackers
The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems.
Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything in its power to restart it quickly and safely, and made the decision then to pay the ransom.
“This decision was not made lightly,” a company spokesman said. “Tens of millions of Americans rely on Colonial — hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public.”
Colonial Pipeline’s CEO, Joseph Blount, told The Wall Street Journal he authorized the payment because the company didn’t know the extent of the damage and wasn’t sure how long it would take to bring the pipeline’s systems back.
The FBI discourages making ransom payments to ransomware attackers, because paying them encourages criminal networks around the globe that have hit thousands of businesses and health care systems in the U.S. in the past year alone.
But many victims of ransomware attacks, in which hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay.
“I know that’s a highly controversial decision,” Blount told The Journal. “But it was the right thing to do for the country.”
Blount said Colonial paid the ransom in consultation with experts who previously dealt with the group behind the attacks, DarkSide, which rents out its ransomware to partners to carry out the actual attacks.
A ransom payment of 75 Bitcoin — worth over $2.7 million — was paid the day after the criminals locked Colonial’s corporate network, according to Tom Robinson, co-founder of the cryptocurrency-tracking firm Elliptic. Two people briefed on the case confirmed the payment amount to The Associated Press.
Blount told The Journal the attack was discovered around 5:30 a.m. on May 7.
It took Colonial about an hour to shut down the pipeline, which has 260 delivery points across 13 states and Washington, D.C., Blount said. That helped prevent the infection from potentially migrating to the pipeline’s operational controls.
But there are lingering issues. Blount said Colonial is still unable to bill customers following an outage of that system.
The pipeline system delivers about 45 percent of the gasoline consumed on the East Coast, and Colonial, which is based in Alpharetta, Georgia, halted fuel supplies for nearly a week. That led to shortages at gas stations from Washington, D.C., to Florida.
Colonial restarted its pipeline a week ago, but it took time to resume a full delivery schedule.
More than 9,500 gas stations were out of fuel on Wednesday, including half of the gas stations in D.C. and 40 percent of stations in North Carolina, according to Gasbuddy.com.
The Western Journal has reviewed this Associated Press story and may have altered it prior to publication to ensure that it meets our editorial standards.
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.
Advertise with The Western Journal and reach millions of highly engaged readers, while supporting our work. Advertise Today.
