Colonial Pipeline Pays Nearly $5 Million In Ransom After Cyberattack

The Colonial Pipeline, under siege by hackers, has paid nearly $5 million in a ransom deal, CNBC reported.

The pipeline was hacked, which caused it to have to shut down about 5,500 miles of pipeline. That, in turn, caused gas shortages across the Southeast.

A U.S. official speaking anonymously confirmed the nearly $5 million payment, CNBC reported, although pipeline officials did not comment and neither did President Joe Biden when asked.

According to the report, Press Secretary Jen Psaki said that it was still the government’s position not to pay ransom. White House officials said Monday (May 10) that the attack had been financially motivated.

Ransomware attacks constitute the malware files which encrypt data and lead to a system not being operable, and criminals usually ask for financial payment in exchange for calling off the intrusion.

The assault was allegedly carried out by a criminal group called DarkSide, which PYMNTS reported has attempted to take a “high-minded” approach to cyberattacks, acting as a “Robin Hood” type of figure by claiming to donate some of the funds it steals to charities. The group also said it has “rules” for how to operate, including that it won’t go after hospitals, nursing homes, schools or government targets.

Cybereason, a Boston-based security firm, said DarkSide is in the business of developing and marketing ransomware hacking tools. It then sells them to other criminals who carry out the attacks. That makes DarkSide a new type of entity on the internet in that it is conducting business in Ransomware-as-a-Service.

While DarkSide does post rules, it’s unknown as of now how efficiently those rules are policed.

On Monday, Biden said there was no information linking DarkSide’s attack to the Russian government, although he said there was “evidence” that the actor’s ransomware was in that country, CNBC reported. He pledged to talk about it with Russian President Vladimir Putin.