Colonial Pipeline, the largest pipeline system for refined products in the United States, paid a ransom of nearly $5 million to Eastern European hackers on Friday. This was after the hackers used ransomware to disable Colonial Pipeline’s computer network.
According to the FBI, the hackers are linked to a group called DarkSide, which specializes in digital extortion and is believed to be based in either Russia or Eastern Europe.
Colonial Pipeline Co. paid the extortion fee in the form of untraceable cryptocurrency within hours of the attack. While initially refusing to pay the extortion fee, the company was pressured into meeting the hackers’ demands because of the need to get gasoline and jet fuel flowing to the Eastern Seaboard. U.S. government officials are confirmed to have been made aware of the ransom payment.
The FBI discourages companies from paying ransoms to hackers as there is no guarantee that they would follow through on their promise. Also, caving into hackers’ demands could provide motivation to other would-be hackers.
During a briefing earlier this week, Anne Neuberger, the White House’s top cybersecurity official, declined to confirm whether it is justifiable for companies to pay ransoms for cyberattacks: “We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.” she explained to reporters.
