WASHINGTON: Colonial Pipeline’s CEO on Wednesday acknowledged to the Wall Street Journal that his company paid a $4.4 million ransom to hackers as executives were unsure how badly its systems were breached or how long it would take to restore the pipeline.

The 5,500-mile (8,850-km) Colonial Pipeline Co system closed last week after one of the most disruptive cyberattacks on record, preventing millions of barrels of gasoline, diesel and jet fuel from flowing to the East Coast from the Gulf Coast.

Colonial Pipeline’s Chief Executive Joseph Blount told the Wall Street Journal that he paid the “extortion money” for the “greater good”.

“I know that’s a highly controversial decision,” Blount was quoted as saying. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”

Blount said the decision had been “the right thing to do for the country”.

Blount told the Journal he authorized the payment after the May 7 ransomware attack because the company didn’t know the extent of the damage and wasn’t sure how long it would take to bring the pipeline systems back.

The FBI discourages making ransom payments to ransomware attackers, because paying encourages criminal networks around the globe who have hit thousands of businesses and health care systems in the US in the past year alone. But many victims of ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay.

The ransom payment, which was first reported by Bloomberg, illustrates the dilemma facing companies whose networks have been compromised by online extortionists.

On the one hand, companies can be completely paralyzed by hackers with potentially far-reaching consequences in cases like Colo­nial’s. On the other, paying ransoms effectively passes the problem forward, allowing cash-rich cybercriminals to move on to an increasing number of targets.

US officials have struggled to discourage companies from paying.

“Typically that is a private-sector decision,” Anne Neuberger, US Deputy National Security Adviser for Cyber, told reporters earlier this month.

Colonial Pipeline did not immediately return a message seeking further comment. The FBI did not immediately respond to an email. The hackers, alleged to be affiliated with the DarkSide cybercrime gang, have not returned repeated messages.

A source working with Colonial Pipeline and the government on the hack response and private sector security sources briefed on the situation had told Reuters last week that Colonial had not been planning to pay the ransom.

Multiple sources had confirmed to The Associated Press that Colonial Pipeline had paid the criminals who committed the cyberattack a ransom of nearly $5 million in cryptocurrency for the software decryption key required to unscramble their data network.

A ransom payment of 75 Bitcoin was paid the day after the criminals locked up Colonials corporate network, according to Tom Robinson, co-founder of the cryptocurrency-tracking firm Elliptic.

Blount told the Journal the attack was discovered around 5.30 am on May 7. It took Colonial about an hour to shut down the pipeline, which has 260 delivery points across 13 states and Washington, DC, he said. That helped prevent the infection from potentially migrating to the pipeline’s operational controls.

Published in Dawn, May 20th, 2021

Opinion

Editorial

Kurram atrocity
Updated 22 Nov, 2024

Kurram atrocity

It would be a monumental mistake for the state to continue ignoring the violence in Kurram.
Persistent grip
22 Nov, 2024

Persistent grip

An audit of polio funds at federal and provincial levels is sorely needed, with obstacles hindering eradication efforts targeted.
Green transport
22 Nov, 2024

Green transport

THE government has taken a commendable step by announcing a New Energy Vehicle policy aiming to ensure that by 2030,...
Military option
Updated 21 Nov, 2024

Military option

While restoring peace is essential, addressing Balochistan’s socioeconomic deprivation is equally important.
HIV/AIDS disaster
21 Nov, 2024

HIV/AIDS disaster

A TORTUROUS sense of déjà vu is attached to the latest health fiasco at Multan’s Nishtar Hospital. The largest...
Dubious pardon
21 Nov, 2024

Dubious pardon

IT is disturbing how a crime as grave as custodial death has culminated in an out-of-court ‘settlement’. The...