Colonial Pipeline pays $4.4m ransom to hackersEuropost
US Colonial Pipeline confirmed it had paid $4.4 million ransom to hackers in order to be able to restart normal operations, BBC reported. The hack attack succeeded in shutting down temporarily the pipeline and switched it offline. The boss of Colonial Joseph Blount admitted to the Wall Street Journal that he authorised the payment on 7 May because of uncertainty over how long the shutdown would continue.
"I know that's a highly controversial decision," Blount said in his first interview since the hack. The 8,900-km pipeline carries 2.5 million barrels a day. According to the firm, it carries 45% of the US East Coast's supply of diesel, petrol and jet fuel. Blount told the newspaper that the firm decided to pay the ransom after discussions with experts who had previously dealt with DarkSide, the criminal organisation behind the attack. "I didn't make that decision lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this. "But it was the right thing to do for the country," he added.
The US government had recommended in the past that companies do not pay criminals over ransomware attacks, in case they invite further hacks in the future. Colonial Pipeline took itself offline on 7 May after the cyber-attack. In return for the Bitcoin payment, the company received a decryption tool so it could unlock the systems compromised by the hackers - although that was not enough to restart systems immediately, according to the newspaper. Blount added that it would take months before some other business systems are recovered, and estimated that the attack would ultimately cost the company tens of millions of dollars. He also regrets that the company has lost some degree of anonymity, having led the firm since 2017. "We were perfectly happy having no one know who Colonial Pipeline was, and unfortunately that's not the case any more," he said. "Everybody in the world knows."