Status: 06.06.2021 02:12 AM
A month has passed since the largest gasoline pipeline in the United States was breached. The operator paid millions to extortionists. Now investigators have reported success.
After hackers attacked the largest gas pipeline in the United States, investigators recovered most of the ransom payments in the digital currency Bitcoin. The US Department of Justice has announced that 63.7 bitcoins have been seized, currently valued at approximately $2.3 million.
The agency’s deputy director, Paul Abate, said the FBI was able to identify a digital wallet that hackers allegedly used to collect a payment from the company in question.
A hacker from Russia suspected of being behind this act
Colonial Pipeline announced in early May that it was the victim of a hacker attack. As a result, the pipeline, through which about 45 percent of all fuel consumed on the East Coast of the United States passes, has been temporarily closed completely. There was a shortage of gasoline in parts of the country. Washington, D.C. was hit particularly hard, with 88 percent of gas stations running out of fuel at times.
“It was an attack on one of our most important national infrastructures,” said Lisa Monaco of the US Department of Justice. The US government suspects that hackers from the DarkSide group from Russia are behind the crime. Both US authorities and IT security experts strongly advise companies not to pay a ransom so as not to incentivize cybercriminals to blackmail them. But the pipeline operator paid, as company president Joseph Blount admitted in the “Wall Street Journal” at the end of May. Authorized payment of $4.4 million.
Blount explained the controversial decision by saying the company was not sure how much damage the system had caused. According to the US Department of Justice, Colonial Pipeline quickly reported to the FBI that DarkSide had broken into its computer network and that the company had paid the required ransom of 75 Bitcoin.
The head of the colony praises the investigators
In so-called ransomware attacks, the data on computers is encrypted – and the attackers usually demand a ransom in exchange for the version. Cases where companies paid were also known before. But refunds are extremely rare. Colonial President Blount praised the work of FBI investigators in a statement. He also said that the private sector needs to take cyber threats seriously and invest in order to better defend them.
“The scope and sophistication of ransomware attacks has increased over the past year, targeting critical infrastructure, businesses of all kinds, entire cities, and even law enforcement agencies,” said Monaco of the Ministry of Justice. “Ransomware and digital extortion are a threat to national and economic security in the United States.”
A few weeks after the attack on the gasoline pipeline, the world’s largest meat company JBS was hit by a massive cyber attack. Large parts of production in North America and Australia were crippled.