Colonial Pipeline became the latest victim of a ransomware attack from threat actors after the company revealed that it paid a ransom worth $4.4 million to DarkSide, the cybercriminal organization that hacked the company. This was done in exchange for regaining access to their servers which had been shut down as a result of the cyberattack.
Joseph Blount, the CEO of Colonial Pipeline, revealed to the Wall Street Journal that the ransom was paid off on the 7th of May.
Despite the controversy of the decision, in his eyes, it was ultimately a necessary one due to the heavy losses that the customers and the company were facing due to a complete halt of their operations.
The pipeline company stretches 5500 miles and carries approximately 2.5 million barrels of fuel per day. The company’s operations are so essential that it is claimed by Colonial Pipeline themselves that their pipelines carry around 45% of the total supply of diesel, petrol, and jet fuel for the East Coast.
The severity of the decision was not taken lightly, according to Mr. Blount, who stated that the ransom was paid after lengthy discussions with experts who had previous experience dealing with DarkSide.
It deeply hurt Mr. Blount to succumb to the demands of such a nefarious group of people; however, it was in the best interests of the country to do so.
US fuel transport firm resumes service after cyber-attack
The United States government has warned companies against paying such ransoms as they set a precedent for cybercriminals to target the company in the future.
After Colonial Pipeline paid off the ransom (in Bitcoins), they were given a decryption tool by DarkSide, which allowed them to unlock their systems, though not instantly. The company was forced to take a portion of its operations offline, after the attack, in order to contain the threat.
Colonial Pipeline’s operations resumed last week though that did not stop petrol shortages developing across several states, including North Carolina and Georgia.
Mr. Blount admitted that it would be several months until some of the other business systems were fully recovered. All in all, the cyberattack resulted in Colonial Pipeline suffering losses amounting to tens of millions of dollars through both ransom costs and halted operations losses.
The incident harmed the company in more ways than one as it led to Colonial Pipeline having had their privacy invaded. In Mr. Blount’s own words: “Everybody in the world now knows [about what Colonial Pipeline is].”
When the cyberattack was conducted, DarkSide spoke about the incident in public, accepting responsibility for the hack.
They claimed that their motivation behind hacking into such companies was to make money for themselves rather than to burden society, as stated on their website.
Darkside further stated that they had no interest in politics, and their actions were based purely on their own desires.