Monday, November 29, 2021

UPDATE: Colonial Pipeline Paid Hackers $5 Million In Ransom

Colonial Pipeline paid the hacker group DarkSide nearly $5 million in ransom to get its systems operational again. The money was paid through an untraceable cryptocurrency, and reports say that it was paid almost immediately after the attack. After the payment was made, DarkSide gave Colonial Pipeline a slow-acting decryption tool to restore its systems. The slow nature of the tool is probably what caused the pipeline to be down as long as it was.

According to multiple news outlets, Colonial Pipeline was hacked with “ransomware”, a type of virus that prevents the operation of a computer and/or computer system. This event happened back on May 7th, and Colonial announced that its pipeline was back online on May 13th. Almost a full week of disruption for a pipeline that provides 45% of the Eastern Seaboard and South’s gas at the pump is a serious thing. Colonial Pipeline also provides jet fuel. Flights out of Charlotte that would normally fly on straight-shot flights had to stop once or twice to refuel.


Companies are normally discouraged from paying hackers to remove ransomware for a few reasons. First of all, there is no guarantee that the group claiming responsibility for the attack will follow through on its promise to remove the ransomware. Then there is the emboldening of such groups. DarkSide says they already have three new victims. And of course, there will be copycats who try to cash out by exploiting the weaknesses of companies and organizations. Sometimes, even individual people become targets of ransomware. In 2020, about $350 million of ransomware money was paid to hacker groups, with the average payout being around $300,000.

Colonial Pipeline may have performed a simple risk/reward analysis. If they had refused to pay the hackers, they could have had the ransomware removed with the help of the US Government and “white-hat” (good) hackers. But the problem is that this could have taken a very long time to resolve. And it only took about three days of the pipeline being down for over 1,000 gas stations to report severe gas shortages or gas outages. A long outage would have cost the company a lot, both in reputation and in actual money. A report says that Colonial failed to upgrade its system to make it more secure. That could have meant a huge fine from the Federal Government if things got really bad.

Although the pipeline is back up and running, there will still be gas shortages for a few more days until the supply chain returns to normal. Gas trucks need to fill up and deliver the gas to all of the gas stations that are out. And there are only a certain number of gas trucks and gas truck drivers to go around. This means there is a backlog to clear before everyone is back to normal. Gas hoarders may still be on the loose due to the fear that the media has stoked, so that will also contribute to the amount of time that gas stations will need to get back to normal.


SOURCES:

Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom – Bloomberg

Colonial Pipeline Restarts Operations As Biden Seeks To Protect Government From Cyber Attacks

Charlotte flights impacted by Colonial Pipeline attack

Ransomware gangs made at least $350 million in 2020 | ZDNet

DarkSide, hacker group behind pipeline attack, claims three new victims

Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags | Threatpost

Colonial Pipeline paid $5m ransom to hacking group DarkSide after huge attack, report says | The Independent


1 COMMENT

  1. Hey ABL, love your commentary! I just want to say, everything that happens on computers nowadays, especially networked computers, is traceable. Somebody knows exactly where these people are. The problem is actually doing something about it, which comes down to politics. The truth is, using the Internet, criminals from any lawless state in the world can commit crime anywhere else on the planet. All they need is the right information, or that one fool to click on the link or open the file. I can’t really fault Colonial, considering that Federal agencies get hacked, and data stolen, all the time. I’ve worked in and for the FedGov for 40+ years, and my personal data has been stolen I don’t know how many times. That’s why I have a lifetime membership with ID protection companies, courtesy of Uncle Sam.
