Colonial Pipeline Paid $5M Ransom to Hackers

So much for not negotiating with terrorists.

Colonial Pipeline paid the hackers who shut down some of its networks nearly $5 million in ransom, a U.S. official familiar with the matter said Thursday. News of the payment was first reported by Bloomberg. The U.S. official did not say how or when the company paid.

Colonial, which operates the country’s largest fuel pipeline, announced it had been hacked Friday, and promptly shut down all four of its major pipelines that serve the Eastern and Southeastern United States as a precaution. Gas prices rose, and some stations ran out of fuel. The Department of Transportation issued an emergency order allowing truckers driving fuel in affected states to work longer hours than federal regulations normally allow.

The hackers, known as DarkSide, are one of a number of ransomware groups that hold organizations’ files hostage and demand a payment, either by locking their files and making them unusable or threatening to release them to the public. The FBI has historically discouraged, but not prohibited, American ransomware victims from paying hackers, as a payment isn’t guaranteed to work and can encourage criminals to continue attacking others.

In a press conference Monday, Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technologies, acknowledged that some organizations might find that paying the criminals off can be in their best interest.

President Joe Biden said Monday that U.S. intelligence believes DarkSide to be operating within Russia’s borders, and that while it didn’t appear to be directed by the Russian government, he is “going to have a conversation” with Russian President Vladimir Putin about such groups. “They have some responsibility to deal with this,” he said.
