Colonial Pipeline paid nearly $5 million to hackers in ransomware attack

Yahoo News

Colonial Pipeline paid the hackers who shut down some of its networks nearly $5 million in ransom, a U.S. official familiar with the matter said Thursday.

News of the payment was first reported by Bloomberg. The U.S. official did not say how or when the company paid.

Colonial, which operates the country’s largest fuel pipeline, announced it had been hacked Friday, and shut down all four of its major pipelines that serve the Eastern and Southeastern United States as a precaution. Gas prices rose, and some stations ran out of fuel. The Department of Transportation issued an emergency order allowing truckers driving fuel in affected states to work longer hours than federal regulations normally allow.

A third-party consulting company that now handles Colonial’s press inquiries declined to comment on the payment.

The company announced Wednesday that it was resuming operations.

The FBI has historically discouraged, but not prohibited, American ransomware victims from paying hackers, as a payment isn’t guaranteed to work and can encourage criminals to continue attacking others. In a press conference Monday, Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technologies, acknowledged that some organizations might find paying the criminals off can be in their best interest.

“We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data,” she said.

Speaking to MSNBC’s Andrea Mitchell on Thursday, Neuberger said the White House’s advice remains that victims do not pay the ransom.

“The federal government, we discourage the payment of ransoms, because the prolific payment of ransoms encourages ransomware.”

The hackers, known as DarkSide, are one of a number of ransomware groups that hold organizations’ files hostage and demand a payment, either by locking their files and making them unusable or threatening to release them to the public.

DarkSide, like many ransomware gangs, are believed to operate in Russia, and their ransomware program is designed to shut down if they infect computers that work in the Russian language.

President Joe Biden said Monday that U.S. intelligence believes DarkSide to be operating within Russia’s borders, and that while it didn’t appear to be directed by the Russian government, he is “going to have a conversation” with Russian President Vladimir Putin about such groups. “They have some responsibility to deal with this,” he said.

DarkSide in particular is notorious for providing victims who pay with a decryption program that works painfully slowly, said Brett Callow, an analyst at the cybersecurity firm Emsisoft.

Colonial retained the cybersecurity company Mandiant to deal with the attack. Mandiant doesn’t directly pay ransomware gangs on clients’ behalf, a spokesperson for the company said, but acknowledges victims can choose to do so.

5 thoughts on “Colonial Pipeline paid nearly $5 million to hackers in ransomware attack

  1. I thought we didnt negotiate with terrorists?
    so by admittance our government used tax dollars to FUND a terrorist group !..what the Fck you think they are going to do with 5 million? you stupid assholes!

    or maybe JoeSTP is right . Or they just moved 5 million on the roster to pay for further cover up of pedophile island and its players, or some other cover up operation !

    I mean WTF people are we going to just sit here and take this crap ?

    Nice to have 5 million to just throw around like its not yer money ..these fckers are way over paid and over played

  2. Amazing, they actually expect people to believe that they paid five million dollars to these hackers. They want people to believe that it was paid in untraceable funds. If this was a genuine hacking job from a terrorist group, does anyone honestly believe that such “funds” wouldn’t be passed on to consumers in the form of inflated prices for petroleum products?!? This was just a another test by the International Corporate Mafia to see if people would tolerate such ridiculous nonsense. And why not?!? They’ve gotten away with stealing our wealth and resources hand over fist in so many ways over so many years! It’s no different than the “funds” used to pay off families of those who were killed by “police officers” who broke “department policies”.

  3. Wow…..this reeks of a third world country campaign.

    They just green lighted the handing over of our country to every terrorist organization in the world, if this is true. The number one country in the world just set a dangerous precedent and handed a blank check to anyone wanting to attack us saying, “We’ll pay you millions of dollars as long as you don’t hurt us” rather than to hunt down and exterminate these groups like we should and have the power to do.


  4. How did it work out for the Japanese in Fukushima after they made plans use currencies that weren’t US Dollars? A Tsunami with 4 Nuclear reactor failures due to a monstrous Tsunami caused by an offshore EQ in an unusual location. Coincidence? Or Conspiracy? You be the judge.

Join the Conversation

Your email address will not be published.