Colonial Pipeline paid the ransomware hackers 75 bitcoin, or $5 million, to restore its billing system and start pumping fuel to retailers again, sources close to the situation said. But the tool given by the hackers after the payment did not work properly.
Despite reports by Bloomberg that U.S. officials are aware of the transaction, Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Administration (CISA), declined to confirm the claim.
Wales via CNN said that he has "no knowledge of whether a ransom was paid, how much was paid, if it was paid, when it was paid."
President Biden, in a press briefing on Thursday, declined to confirm whether Colonial Pipeline did succumb to the hackers' request. The company's spokeswoman also declined to comment, the New York Times reports.
The largest fuel pipeline in the U.S. was forced to shut down on Friday night, May 8. The facility supplies fuel to almost half of the East Coast.
After a few days, the pipeline resumed operations, but the company warned that it will take days for the fuel supply to normalize.
Opposing the Government's Advice
The payment runs counter to the advice of the FBI. Jen Psaki, White House Press Secretary, said via the New York Times: "It's the recommendation of the FBI do not pay ransom in these cases," to avoid funding ransomware groups so they can conduct more cyberattacks. Psaki said, however, that companies have the final say on their own decisions.
Anne Neuberger, the White House's deputy national security adviser for cyber and emerging technologies, told NBC that she understands that a move contrary to the recommendation of the government might be in the best interest of the victims.
However, according to Neuberger, the position of the White House remains intact: it discourages ransom payment.
Hacker's Tool Didn't Work
Bloomberg reported that the payment, made in cryptocurrency, got the fuel operator a decryption tool. But instead of enabling a smooth recovery of the system, the tool was too slow to be used.
Hence, the company reverted to using its own backups to restart pumping fuel to its retailers. As it turned out, the payment to the extortionists was, in fact, useless.
New Details of Pipeline Shutdown Emerge
Kim Zetter, a cybersecurity journalist, first reported that the company was forced to suspend operations because hackers attacked its billing system.
With that system down, Colonial could not automatically invoice the fuel coming to its facility. The system is integral to the operation of the pipeline.
That is said to be the reason operations remained offline for a few days: the company was putting its effort into restoring its billing system.
However, when CNN asked the company spokesperson about payment concerns, he said there is no evidence for the story.
This article is owned by Tech Times
Written by Teejay Boris