Despite its insistence that it would not give in to extortion, Colonial Pipeline Co reportedly paid hackers a $5 million ransom. Only afterward did the company regain control of its 5,500-mile pipeline. Sources close to the situation confirmed the payoff.
$5 Million Ransom In Cryptocurrency
DarkSide, the Eastern European hacker group that infiltrated Colonial Pipeline, received the payment last Friday. The hacker group gave instructions on how to pay the $5 million ransom, insisting on difficult-to-trace cryptocurrency.
Given the immense pressure on the pipeline company to get operations back to normal, it elected to pay the price. According to a different source, the US government is aware that the company paid the ransom. However, a representative from Colonial declined to comment.
Once the hacker group confirmed receiving the payment, they gave Colonial a decryption tool to restore the computer system. Reportedly, the decryption tool worked very slowly.
Colonial had to continue using backups to get back online faster. By 5 pm Eastern, Colonial managed to get its entire system back online and resumed full pipeline operations.
The Federal Bureau of Investigation said that the group specializes in digital extortion. Investigators believe that the group’s headquarters are either in Russia or somewhere in Eastern Europe.
They use ransomware to lock up an unsuspecting victim’s files. Then, the attackers offer to unlock the files for a fee. Otherwise, they will destroy the files, which can then prove unrecoverable for the owner. More recently, some ransomware groups also steal personal data and threaten to release it to the public unless they get paid.
Initially, Colonial Pipeline declared it would not pay the ransom, a position the FBI supported. The Bureau discourages companies from giving in to attackers’ demands.
They said that even if one pays the ransom, it is not a guarantee that hackers will return the stolen data. Successful ransoms also encourage other hackers to follow.
For some companies, the decision is easy when weighed against the costs of losing their data or enduring a long period offline. Many are willing to pay if their cyber-insurance policies will foot the bill.
In addition, some companies have little choice in the matter. For them, getting exposed or suffering a data leak is often a fatal situation.
Ondrej Krehel, CEO of digital forensics firm LIFARS, says many choose to pay. Often, it’s the hacker group that holds the advantage in the situation.
“They had to pay. This is cyber cancer. You want to die or you want to live? It’s not a situation where you can wait.”
Decision to Pay Ultimately Lies With The Company
In the case of Colonial’s $5 million ransom, the company likely did what it had to do. Anne Neuberger, the White House’s top cybersecurity official, said that the company makes the final call.
“We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data,” she told reporters Monday.
A ransomware task force released a report saying that this kind of cybercrime is on the rise. The total amount of ransom paid by victims in 2020 reached $350 million in cryptocurrency.
This represents a 311% increase from the previous year. The average ransom paid by companies is $312,493.