Colonial Pipeline paid $5m ransom to hackers

(Image credit: Shutterstock / binarydesign)

Contrary to previous reports, it has now emerged that Colonial Pipeline paid nearly $5 million to the DarkSide ransomware gang in their choice of cryptocurrency.

The DarkSide ransomware gang attacked the Colonial Pipeline late last week, making away with 100GB of data while encrypting Colonial’s network. 

Colonial acknowledged the attack, which resulted in the shut down of one of the major fuel pipelines in the country, but didn’t provide any information regarding the ransom.

However Bloomberg, quoting two anonymous individuals who were reportedly involved with the transaction, now claims the company paid the full ransom in cryptocurrency, and in fact paid within hours of the attack.

There has been no official word from Colonial regarding the payment, though the company has confirmed that it has now resumed operations.

Back online

One of the anonymous sources told Bloomberg the hackers provided Colonial with a decrypting tool upon receiving the ransom. 

However, the decrypting tool wasn’t fast enough, forcing Colonial to use its own backups to help restore the system now that it was unlocked.

The attack seems to have forced US President Joe Biden to sign an executive order that outlines steps for software vendors to engage with the government in order to prevent possible future cyberattacks. 

US government officials are reportedly aware of Colonial paying the ransom to decrypt its network, though in a press briefing related to the attack, President Biden declined to comment on the transaction. 

He did however confirm that the FBI has strong evidence to believe that the attack originated in Russia, but added that there’s nothing to suggest that the Russian government had any part to play in the attack.

Via Bloomberg

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.