You may have heard the news yesterday that Colonial Pipeline was reopening at 5pm yesterday and that gas should be flowing freely again soon to a gas station near you. That’s great news, right?
But how did they get here? Well it wasn’t because they beat the hackers…
BREAKING: Colonial Pipeline paid hackers $5 million after ransomware attack https://t.co/t5O5RalKL3 pic.twitter.com/8fLHGyvvCe
— Bloomberg (@business) May 13, 2021
Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.
The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familar with the situation said U.S. government officials are aware that Colonial made the payment.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.
A representative from Colonial declined to comment, as did a spokesperson for the National Security Council.
The hackers, which the FBI said are linked to a group called DarkSide, specialize in digital extortion and are believed to be located in Russia or Eastern Europe.
On Wednesday, media outlets including the Washington Post and Reuters reported that the company had no immediate intention of paying the ransom. Those reports were based on anonymous sources.
They actually paid these hackers on Friday of last week, right after they were initially compromised and well before the fake news came out about their intentions not to pay them.
Wow. What a horrible precedent to set, because now these hackers will continue to hold companies ransom. They could turn around and do the same thing tomorrow to Colonial!
Also, if the decrypting tool was too slow and they had to restore from their backups, doesn’t that mean they wasted $5 million on ransom?
Here’s a few responses to the news:
We’re truly screwed https://t.co/8H3ZZ5FG1n
— Ryan James Girdusky (@RyanGirdusky) May 13, 2021
this is how you get more of this, not less. https://t.co/SN08x8T1MW
— tsar becket adams (@BecketAdams) May 13, 2021
Okay so maybe we can't thwart off hackers but at least the tech industry is becoming more diverse and inclusive https://t.co/4c6TLVWUyJ
— Pedro L. Gonzalez (@emeriticus) May 13, 2021
Well, glad that's over with and never happening again. https://t.co/CLQtxMfNvb
— Noah Rothman (@NoahCRothman) May 13, 2021
Never negotiate with Terrorists. We are totally wide open as a country now. This will only be the beginning. Do you miss 45 yet? https://t.co/RJ7c70KHSN
— 48™️ (@fadde) May 13, 2021