The CEO of Colonial Pipeline has confirmed the company paid $4.4 million in ransom to the hackers who disabled its pipeline in May.
In an interview with the Wall Street Journal, Joseph Blount said he authorized the massive payment as he was concerned how long the pipeline would be offline. “I know that’s a highly controversial decision,” he said. “I didn’t make [that decision] lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
The pipeline is 5,500 miles long and carries 2.5 million barrels per day. It is said to supply 45% of the East Coast’s diesel, petrol, and jet fuel supply.
The group behind the attack, DarkSide, said the attack was purely to make money, not to create “problems for society.” “We do not participate in geopolitics, do not need to tie us with a defined government and look for… our motives,” the hacking group added.
In the past the United States government has recommended private companies do not pay criminals when threatened with ransomware attacks, but Colonial Pipeline decided to make the payment – delivered in Bitcoin – after consulting with security experts.
The pipeline went offline on May 7 after the cyber attack first hit, and in return for the payment, the company received a decryption tool to regain control. However, that tool was not enough to resume systems immediately.
The pipeline was back up and working last week, but not before petrol shortages had hit some states, including North Carolina and Georgia. Blount said the attack would likely cost the company tens of millions of dollars.