Colonial Pipeline Paid $4.4 Million to Ransomware Hackers: CEO

May 19, 2021 Updated: May 19, 2021

Colonial Pipeline Chief Executive Joseph Blount confirmed that the company paid $4.4 million to ransomware attackers because executives were uncertain about the severity of the cyberattack on the firm’s systems and how long the pipeline would remain offline.

“I know that’s a highly controversial decision,” Blount told the Wall Street Journal in a May 19 statement. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”

Some—including the FBI—have argued that the firm shouldn’t have paid the group, as it would only embolden them to commit similar attacks. Ransomware is a type of malicious software that essentially takes computer systems hostage and demands payment to have the files unlocked.

“But it was the right thing to do for the country,” Blount said, adding that the pipeline had never been shut since its construction. Colonial has stressed that the operational systems controlling pipeline infrastructure weren’t directly impacted by the attack.

Despite the pipeline having returned to normal operations, Blount said that it’ll take months of restoration work and millions of dollars to recover some systems that were affected by the hack.

“We were perfectly happy having no one know who Colonial Pipeline was, and unfortunately that’s not the case anymore,” he said. “Everybody in the world knows.”

This week, Colonial confirmed to media outlets that some of its scheduling systems were down, but stressed that wasn’t related to the breach. In a statement to the Epoch Times on May 18, a spokesperson for the firm said that they were operational again.

The FBI said that the DarkSide group—which may be based in Russia and Eastern Europe—was behind the breach. Last week, President Joe Biden said that intelligence suggests that the Kremlin wasn’t involved in the attack, although he said the Russian government bears some responsibility in dealing with criminal gangs.

DarkSide, which said in a statement last week that it’s disbanding, also claimed to be apolitical and only wanted to “make money.”

The breach shut the 5,500 mile-long network of pipelines for several days, triggering fuel shortages and panic-buying in some East Coast states.

The incident also placed renewed focus on the Biden administration’s order to halt the construction of the Keystone XL pipeline—which would span from the Gulf Coast to Canada—due to his focus on promoting alternative energy sources. Roughly 20 GOP attorneys general, in a letter sent to the White House this week, implored Biden to restart the Keystone pipeline in the wake of the ransomware attack.