It has been a month since the largest gasoline pipeline in the United States was hacked. The operator paid millions to the extortionists. Now the investigators report a success.
After the hacker attack on the largest gasoline pipeline in the United States, investigators recovered most of a ransom payment in the digital currency Bitcoin. The US Department of Justice announced on Monday that 63.7 Bitcoin, currently valued at around 2.3 million US dollars, had been seized. The FBI was able to identify a digital wallet that hackers allegedly used to collect a payment from the company concerned, said the agency’s deputy director Paul Abbate.
The company Colonial Pipeline announced in early May that it had been the victim of a hacker attack. As a result, the pipeline, through which about 45 percent of all fuel consumed on the US east coast runs, was temporarily completely shut down. There were petrol shortages in parts of the country. The capital Washington was particularly hard hit, where at times 88 percent of the gas stations ran out of fuel. “It was an attack on one of our most important national infrastructures,” said Lisa Monaco from the US Department of Justice.
The US government suspects hackers from the DarkSide group from Russia behind the crime. Both US authorities and IT security experts strongly advise companies against paying ransom so as not to incentivize cyber criminals to blackmail. But the pipeline operator paid, as company boss Joseph Blount admitted in the “Wall Street Journal” at the end of May. He authorized a payment of $ 4.4 million. Blount explained the controversial decision by saying that the company was unsure about the extent of the system damage caused.
According to the US Department of Justice, Colonial Pipeline had quickly notified the FBI that DarkSide had broken into the computer network and the company had paid the requested ransom of 75 Bitcoin. In so-called ransomware attacks, data on computers is encrypted – and the attackers usually demand a ransom for the release. Cases in which companies paid were also known before. But it is extremely rare to get the money back.
Meat company also affected by hacker attack
Colonial chief Blount praised the work of the FBI investigators in a statement. He also said the private sector needs to take cyber threats seriously and invest to better defend against them.
“Ransomware attacks have increased in scope and sophistication over the past year, targeting our critical infrastructure, businesses of all kinds, entire cities and even law enforcement agencies,” said Monaco from the Justice Department. “Ransomware and digital extortion pose a threat to national and economic security in the United States.”
Just a few weeks after the attack on the gasoline pipeline, the world’s largest meat company JBS was hit by a massive cyber attack. Large parts of production in North America and Australia were paralyzed.