Join our brand new verified AMN Telegram channel and get important news uncensored!

Colonial Pipeline paid $5 million ransom to hackers after cyberattack, report says

A logo sign outside of a Colonial Pipeline Company facility in Baltimore, Maryland. (Kristoffer Tripplaar/Sipa USA/TNS)
May 13, 2021

Colonial Pipeline Co. paid Eastern European hackers around $5 million Friday after the hacker group disrupted the United States’ largest fuel pipeline and demanded a ransom, Bloomberg reported on Thursday, citing people familiar with the matter.

According to Bloomberg, Colonial Pipeline paid the steep price in untraceable cryptocurrency just hours after the ransomware attack. One of the people close to the transaction said U.S. government officials are aware that the Georgia-based operator made the payment amid pressure to get fuel flowing on the east coast again.  

After payment was delivered, the hackers gave Colonial a decrypting tool to get its disabled computer network up and running. However, the tool moved very slowly, forcing the company to continue using backups to restore the system, a source said.

Representatives from both Colonial and the National Security Council declined Bloomberg’s request for comment. The news outlet went on to claim that earlier reports from other publications stating Colonial had no intention of paying the ransom were incorrect.

Deputy National Security Advisor Anne Neuberger acknowledged Monday that companies are sometimes forced to pay ransoms, saying, “We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.”

The White House added that they had not advised Colonial Pipeline on whether to meet the hackers’ demands and pay the ransom, calling it “a private-sector decision.”

Also on Monday, a reporter asked President Joe Biden if he believes Russia is behind the cyberattack. The president said, “So far, there is no evidence … from our intelligence people that Russia is involved, although there is evidence that the actors’ ransomware is in Russia.”

“They have some responsibility to deal with this,” Biden concluded.   

The pipeline resumed full operations late Wednesday after a five-day disruption that prompted gas buying panic, price hikes, and supply challenges.

Since the attack, more than 1,000 gas stations have run out of fuel, leading the U.S. Department of Transportation to announce a regional emergency declaration impacting 17 states and the District of Columbia on Sunday.

The DOT’s regional emergency declaration includes Alabama, Arkansas, the District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia, giving the impacted states the authority to transport gasoline and other fuels via interstate highways. 

Disruptions in access to fuel also prompted Gov. Roy Cooper (D-NC), Gov. Brian Kemp (R-GA), Gov. Ralph Northam (D-VA), and Gov. Ron DeSantis (R-FL) to declare states of emergency independent of the DOT, allowing each state to activate the National Guard as needed, according to DW.