Colonial Pipeline Chief Executive Joseph Blount confirmed on May 19 that the company paid the $4.4 million ransom to the group of hackers who launched the ransomware attack on its systems.
In his first interview since the cyber attack, Blount told Wall Street Journal (WSJ) that he authorized the payment last May 7 because the company was uncertain about the extent of the damage and how long it would take to bring the systems back.
“I know that’s a highly controversial decision. I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this,” Blount told WSJ.
“But it was the right thing to do for the country,” Blount added.
In return for the ransom payment of 75 Bitcoin, Colonial Pipeline received a decryption tool to unlock the systems that the hackers compromised, but it was not enough to restart the systems immediately, WSJ reported, citing a person familiar with the matter.
Blount said that Colonial Pipeline, which carries 45% of the supply of diesel, petrol, and jet fuel to the East Coast, paid the ransom after consulting with experts who had previously dealt with the cybercriminal gang known as DarkSide.
Blount declined to identify who assisted in the consultations and negotiations, as well as ransomware-related details on the company’s cyber insurance.
The cyber attack will ultimately cost the pipeline company tens of millions of dollars and recovering some business systems will take months, according to Blount.
The pipeline resumed operations last week, but some states were still experiencing petrol shortages.
Last May 10, DarkSide released a statement on its website to clarify that their goal was “to make money and not creating problems for society.”
© Fourth Estate
® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.