Advertisement

Colonial Pipeline paid hackers nearly US$5M in ransom: report

Click to play video: 'FBI: Russian hacker group to blame for ransomware attack on Colonial Pipeline'
FBI: Russian hacker group to blame for ransomware attack on Colonial Pipeline
A vital pipeline carrying fuel along the U.S. East Coast was offline for days after a critical ransomware attack brought its operations to a halt. The FBI now says a Russian hacker group known as DarkSide is responsible. As Jackson Proskow reports, it's the latest in a string of cyberattacks targeting American infrastructure – May 10, 2021

Colonial Pipeline paid nearly US$5 million to Eastern European hackers on Friday after a crippling cyberattack that shut the largest fuel pipeline network in the United States, Bloomberg News reported, citing two people familiar with the transaction.

The company paid the ransom in untraceable cryptocurrency within hours after the attack, according to the report.

Colonial Pipeline did not immediately respond to a Reuters request for comment.

The hackers provided the pipeline operator with a decrypting tool to restore its disabled computer network after they received the payment, but the company used its own backups to help restore the system since the tool was slow, Bloomberg News reported.

After a six-day outage, the top U.S. fuel pipeline, which carries 100 million gallons per day of gasoline, diesel and jet fuel, moved some of the first millions of gallons of motor fuels on Thursday.

Story continues below advertisement

The shutdown caused gasoline shortages and emergency declarations from Virginia to Florida, led two refineries to curb production and had airlines reshuffling some refueling operations.

Get expert insights, Q&A on markets, housing, inflation, and personal finance information delivered to you every Saturday.

Get weekly money news

Get expert insights, Q&A on markets, housing, inflation, and personal finance information delivered to you every Saturday.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

The FBI accused a shadowy criminal gang called DarkSide for the ransomware attack. The group, believed to be based in Russia or Eastern Europe, has not directly taken credit, but on Wednesday it claimed to have breached systems at three other companies, including an Illinois tech firm.

Click to play video: 'Biden to meet with Putin over ransomware cyberattack on Colonial Pipeline'
Biden to meet with Putin over ransomware cyberattack on Colonial Pipeline

 

A terse news release posted to DarkSide’s website did not directly mention Colonial Pipeline but, under the heading “About the latest news,” it noted that “our goal is to make money, and not creating problems for society.”

Story continues below advertisement

Whether targets of such attacks should pay to regain control of their systems is a matter of fierce debate. Critics contend that paying ransom encourages attacks.

The White House declined to weigh in on Monday whether companies that are hacked such as Colonial Pipeline should pay ransom to their attackers, but a national security official said it may offer some advice in the future.

(Reporting by Arathy S Nair in Bengaluru; Editing by Shounak Dasgupta)

Sponsored content

AdChoices