December 3, 2021

Pipeline Executive Felt Cornered by Ransomware Attack | Voice of America

The top executive for the biggest fuel pipeline operator in the United States told lawmakers he felt like he had no choice but to pay off hackers after a ransomware attack shut down operations along the East Coast. 

Testifying Tuesday before the Senate Homeland Security and Governmental Affairs Committee, Colonial Pipeline Chief Executive Joseph Blount took responsibility for agreeing to pay the Russian-based DarkSide Network approximately $5 million to minimize potentially disastrous delays to fuel delivery. 

“I know how critical our pipeline is to the country, and I put the interests of the country first,” Blount said. 

“It was the hardest decision I’ve made in my 39 years in the energy industry,” he added. “We wanted to stay focused on getting the pipeline back up and running. I believe with all my heart it was the right choice to make.” 

The May 7 DarkSide ransomware attack on Colonial Pipeline spawned fuel shortages and panic-buying across parts of the U.S., pushing prices higher as drivers hunted for gas stations that had not run out of fuel. 

A friend carrying a gas container is greeted by a motorist waiting in a lengthy line to enter a gasoline station during a surge…
FILE – A man with a gas container greets a motorist waiting in a lengthy line to enter a gasoline station during a surge in the demand for fuel following the cyberattack that crippled the Colonial Pipeline, in Durham, North Carolina, May 12, 2021.

U.S. law enforcement, including cyber experts at the Federal Bureau of Investigation (FBI), routinely warn companies against paying ransoms to hackers. But Blount said that even though the company was in contact with the FBI, he felt paying DarkSide was the most prudent option. 

“It was our understanding that the decision was solely ours as a private company,” he told lawmakers. “Considering the consequences of potentially not bringing the pipeline back on as quickly as I possibly could, I chose the ransom.” 

Blount said Colonial did not deal with DarkSide directly and instead hired legal experts and negotiators to act as intermediaries. The payment was delivered May 8 to the ransomware network in the form of the bitcoin cryptocurrency.  

In return, DarkSide provided Colonial with a decryption key that helped the company regain access to its systems and eventually resume operations, Blount said, noting that some systems are just now coming back online. 

Blount’s testimony comes just a day after the U.S. Justice Department and the FBI announced that they managed to track the ransom and recover the majority of the bitcoin, which was valued at about $2.3 million.  

US Snatches Back Ransom from Colonial Pipeline Hackers

Justice Department, law enforcement officials say move deprives Russian-based DarkSide Network ‘the object of their activity’

U.S. Deputy Attorney General Lisa Monaco on Monday described the development as significant, boasting that law enforcement had “turned the tables” on the ransomware network. 

Former government officials, though, worry that while the development slashed the hackers’ profits, it could put the government and the private sector on a slippery slope. 

“I think it’s a bad public policy outcome,” Chris Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), told a virtual forum hosted by Aspen Digital on Tuesday. 

“I would really hesitate trying to make this sort of engagement mainstream,” he said. “It’s not the FBI’s job to go out there and claw back money from criminals once they’ve taken it.” 

A Colonial Pipeline station is seen, Tuesday, May 11, 2021, in Smyrna, Ga., near Atlanta.  Colonial Pipeline, which delivers…
FILE – A Colonial Pipeline station is seen in Smyrna, Ga., near Atlanta, May 11, 2021.

Other experts worry that companies, organizations and governments, like Colonial Pipeline, are putting themselves at a disadvantage. 

“With ransomware, the misconception is that there’s two options: pay criminals or don’t pay criminals,” said Raj Samani, co-founder of No More Ransom, an organization that distributes decryption keys for free. 

“Many of the decryptors that are developed by the ransomware groups are actually rubbish,” said Samani, who is also the chief scientist at McAfee, a U.S.-based cybersecurity company. “So, even if you pay a fee, you may not get your data back.” 

In the case of the Colonial Pipeline ransomware attack, the decryption key did allow the company to start getting some systems up and running.   

“It’s not a perfect tool,” Blount told lawmakers Tuesday, adding that the company is working to further harden its cyber defenses. 

Blount said DarkSide was able to access Colonial’s systems by exploiting a virtual private network (VPN) that was no longer in use and which was protected only by a single password. 

CISA recommends using what is known as multifactor authentication, which requires users use a password and then complete a second step, such as replying to a text message, in order to access critical systems. 
 

in U.S.
Related Posts

UN Calls for Better Remittance Services at Lower Cost | Voice of America

June 16, 2021

June 16, 2021

The United Nations is urging reforms that make it easier for migrants to send money back to their home countries,...

White House’s New, $1.7T Infrastructure Offer Panned by GOP | Voice of America

May 22, 2021

May 22, 2021

WASHINGTON – The White House put forward a $1.7 trillion infrastructure counteroffer Friday to Senate Republicans, dropping from President Joe...

US Head Start Programs Allocated $1B in COVID-19 Relief Money | Voice of America

June 30, 2021

June 30, 2021

The Biden administration said Wednesday it will use $1 billion in COVID-19 relief money to fund Head Start programs, which...

Senate Passes Bill to Boost US Tech Industry, Counter Rivals | Voice of America

June 9, 2021

June 9, 2021

The Senate overwhelmingly approved a bill Tuesday that aims to boost U.S. semiconductor production and the development of artificial intelligence...

Hundreds of Lakes in US, Europe Losing Oxygen, Study Finds | Voice of America

June 3, 2021

June 3, 2021

Oxygen levels have dropped in hundreds of lakes in the United States and Europe over the last four decades, a...

Report: US-Commissioned Study Found Coronavirus Could Have Leaked From Chinese Lab | Voice of America

June 8, 2021

June 8, 2021

The Wall Street Journal says a report issued by a U.S. government laboratory last year concluded that a theory that...

Idaho Farmer Copes With Water Crisis | Voice of America

June 30, 2021

June 30, 2021

President Joe Biden met Wednesday with Cabinet and emergency officials and, remotely, with Western governors to discuss the heat wave,...

Prosecutors Seat Special Grand Jury for Trump Investigation | Voice of America

May 26, 2021

May 26, 2021

Prosecutors in New York have convened a special grand jury to examine evidence and potentially decide whether to issue indictments...

US Doubles Funding to Prepare for Hurricane Damage   | Voice of America

May 24, 2021

May 24, 2021

Ahead of what is forecast to be an above-normal hurricane season in the Atlantic Basin, the U.S. government is doubling...

Latinas Left Workforce at Highest Rate, See Slow Recovery | Voice of America

June 17, 2021

June 17, 2021

PHOENIX – Teresa Marez spent 14 years building a strong clientele base as a hair stylist in San Antonio. When...

Another Devastating Atlantic Hurricane Season Forecast for 2021 | Voice of America

June 1, 2021

June 1, 2021

GENEVA – The World Meteorological Organization (WMO) warns the United States and countries in the Caribbean and Central America to...

Secretary of State Blinken to Meet with French President Macron | Voice of America

June 24, 2021

June 24, 2021

U.S. Secretary of State Antony Blinken has arrived in France, his latest stop in a multination tour, where he will...

Sunrise Special: Solar Eclipse Thrills World’s Northern Tier | Voice of America

June 10, 2021

June 10, 2021

CAPE CANAVERAL, FLA. – The top of the world got a sunrise special Thursday — a “ring of fire” solar...

Billionaire Blast Off: Richard Branson Plans Space Trip Ahead of Rival Bezos | Voice of America

July 2, 2021

July 2, 2021

WASHINGTON – Call it a space race for billionaires: British mogul Richard Branson one-upped rival Jeff Bezos on Thursday, announcing...

US to Investigate Government-run Native American Boarding Schools | Voice of America

June 23, 2021

June 23, 2021

U.S. Interior Department Secretary Deb Haaland said her department is launching an investigation into the more-than-150-year history of government-run American...