Colonial Pipeline reportedly paid roughly $5 million in ransom to hackers

The New York Times
Washington, United States
Written By: Michael D. Shear, Nicole Perlroth and Clifford Krauss
© 2021 The New York Times Company
Updated: May 14, 2021, 01:46 PM IST
Holding tanks are seen in an aerial photograph at Colonial Pipeline's Dorsey Junction Station in Woodbine, Maryland, US. Photograph: Reuters

The operator of a critical fuel pipeline on the East Coast paid extortionists roughly 75 Bitcoin — or nearly $5 million — to recover its stolen data, according to people briefed on the transaction, clearing the way for gas to begin flowing again but complicating President Joe Biden’s efforts to deter future attacks.

Colonial Pipeline made the ransom payment to the hacking group DarkSide after the cybercriminals last week held up the company’s business networks with ransomware, a form of malware that encrypts data until the victim pays. DarkSide is believed to operate from Eastern Europe, possibly Russia.

The company preemptively shut down its pipeline, which stretches from Texas to New Jersey and delivers nearly half of the transport fuels for the Atlantic coast, setting off a cascading crisis that led to panic buying at gas pumps.

The president on Thursday cautioned it would take time to resolve shortages. “They should be reaching full operational capacity as we speak,” Biden said. “But we want to be clear: We will not feel the effects at the pump immediately. This is not like flicking on a light switch.”

Biden did not rule out the possibility that the administration would target the cybercriminals with a retaliatory strike, saying that the United States would pursue “a measure to disrupt their ability to operate.”

On Thursday, eight websites associated with DarkSide were pulled offline. It was not immediately clear why.

The company’s decision to pay the ransom may help Biden stanch the political fallout from rising gas prices and long lines at the pumps, but it emboldens other criminal groups or rogue states to take American companies hostage by seizing control of their computers. Jen Psaki, the White House press secretary, said it remained the “position of the federal government” not to pay ransoms because the money can encourage criminals to conduct more attacks.

A company representative would neither confirm nor deny on Thursday that executives had paid a ransom. The payment was confirmed by people briefed on the matter, who declined to be identified because the information was confidential.

Gasoline prices continued to rise Thursday across the Southeast, but at a slower pace generally than in recent days. “Product delivery has commenced to all markets we serve,” Colonial Pipeline said. “It will take several days for the product delivery supply chain to return to normal.”