Colonial Pipeline CEO confirms company paid $4.4 million ransom it wasn’t supposed to pay
Colonial Pipeline CEO Joseph Blount has confirmed that his company did in fact pay $4.4 million to the hackers responsible for the ransomware attack on the pipeline system that transports around 45 percent of fuel used on the East Coast, The Wall Street Journal writes. Earlier reporting estimated Colonial Pipeline paid a ransom of nearly $5 million, news that was surprising — not for the amount of money that was paid, but because paying ransoms to cybercriminals is frowned upon by law enforcement agencies.
The situation with Colonial Pipeline is further complicated by the fact that the Colonial Pipeline Company itself was responsible for the shutdown. Blount tells the Journal that its operational systems weren’t directly impacted, but it shut down the critical energy infrastructure so that it could determine how far hackers reached into its system. Before today’s confirmation, both CNN and cybersecurity reporter Kim Zetter suggested hackers specifically had access to the company’s billing system, rather than direct control over the pipeline itself.
DarkSide, the hackers responsible for the attack, were also oddly apologetic that their ransomware caused so much trouble, even though they ultimately got what they wanted. “Our goal is to make money and not creating problems for society,” the group wrote in a statement. Still, fuel shortages followed, and Colonial Pipeline said it just got back to normal operations on May 15th. Blount tells The Wall Street Journal the work to rebuild its business system is ongoing, though — it’s still unable to bill customers after the outage.