Colonial Pipeline granted a ransom payment to computer hackers
The operator of the largest US gasoline pipeline Colonial has for the first time publicly granted a ransom payment worth millions to computer hackers. Colonial boss Joseph Blount told the Wall Street Journal that he authorized the payment of $ 4.4 million. "I know it was a highly controversial decision."
But the company was unsure about the extent of the system damage caused and was unable to estimate how long it would take before the pipeline could go back online. The ransom payment was therefore correct in the interests of the country. "It wasn't easy for me," continued Blount.
Colonial had become the target of a hacker attack and had therefore temporarily completely shut down the operation of the pipeline, through which about 45 percent of all fuel consumed on the US east coast runs. In parts of the United States, there were petrol shortages in the past week and sometimes turbulence at gas stations. In the meantime, however, the pipeline is running again, according to Colonial.
The ransom payment was made according to information from the "
Wall Street Journal" on May 7th in the digital currency Bitcoin. However, the decryption tools provided in return by the hackers would not have been sufficient to fully restore the system. US authorities strongly discourage companies from paying ransom so as not to incentivize cyber criminals to blackmail.
Ireland, for example, has so far decided not to give in to the demands of its health IT in the current ransomware infestation. The fall of Colonial Pipeline led the blackmailers of the so-called Darkside group to apologize for the social consequences of the attack. They wanted to earn money and not cause any social problems, wrote the blackmailers after gasoline hamster purchases at gas stations, for example. It is difficult to gauge what the real motivation behind the apology was.
About a week after the attack became known, Darkside itself allegedly announced that the group had lost access to their stolen Bitcoins and their blog infrastructure. Due to pressure from the
United States, the group will cease operations. It is unclear whether this is actually the case or whether the group could return in the future under a different name.