Powered by Topple

‘Frightening’: Colonial Pipeline caves to Eastern European hackers, pays $5M ransom hours after attack

Powered by Topple

Colonial Pipeline evidently paid the Russia-linked hacking group DarkSide a $5 million ransom in untraceable cryptocurrency just a few hours after the attack took place on Friday in order to regain access to their network.

On Tuesday, anonymous sources told Bloomberg, Reuters, and The Washington Post the company had no intention of paying the ransom, but those claims now appear to be incorrect as they had already ponied up the demanded funds.

Even though Colonial Pipeline paid the ransom after the demand came in, it took them another six days to start restoring access to the pipeline. This is evidently because of the slow decryption key provided by the hackers which forced the company to use its own backups to more quickly facilitate getting back online. It gives the appearance that DarkSide intentionally meant to draw out the crisis as long as possible even though they got what they wanted. Because of the delay, severe gas shortages, panic buying, hoarding, and general chaos has been triggered across numerous states.

Even with the restart, as of Thursday morning, 71 percent of gas stations in North Carolina are without gas, as are half the stations in Florida, D.C., South Carolina, Virginia, and Georgia. Colonial Pipeline supplies an estimated 45 percent of the fuel consumed on the East Coast.

(Video Credit: ABC News)

Needless to say, many critics blasted Colonial Pipeline for setting a dangerous precedent by paying the ransom:

White House Press Secretary Jen Psaki conveniently argued because Colonial is a private company, paying the ransom was none of the government’s business.

It’s being predicted that the outages will spread from New Jersey to Mississippi and that over 10,000 gas stations will be offline. The national average of a gallon of gas is now $3.028 and in some places, it is reportedly $7 a gallon.

It will take a number of days for the 5,500-mile pipeline to return to normal according to Colonial. Full functionality could take as long as two weeks. Reports of massive lines are coming in with some lines allegedly reaching over 100 cars long.

Reportedly, gas travels through the pipeline at five miles an hour. That means it would take two weeks to reach New York once the pipeline is restored from the Texas refining hub. Jet fuel and diesel will take even longer.

Colonial Pipeline released a statement on Thursday: “By mid-day today, we project that each market we service will be receiving product from our system.”

Analyst Patrick De Haan from GasBuddy expects the shortages to get even worse over the next two days before turning around. He tweeted: “While the Colonial Pipeline is restarting, the [gas station] outage numbers may drift higher over the next 48 hours before then beginning to fall.”

When the cyberattack took place it put a halt to roughly 2.5 million barrels per day of shipments for jet fuel, diesel, and gasoline. The pipeline is called the “jugular” of America’s infrastructure for good reason. This has become a national security issue.

The company is also warning of “intermittent service interruptions during the start-up period.”

The company has opened portions of the line manually in the Carolinas, Georgia, Maryland, and New Jersey.

Colonial says they are working with cybersecurity experts in their investigation of the attack. They are also taking additional security measures as they restart the system.

A forensic report stated that the “most likely culprit” within the company’s IT infrastructure was the vulnerable Microsoft Exchange services, as reported by New York Times reporter Nicole Perlroth. There were a number of other issues that were characterized by researchers as an overall “lack of cybersecurity sophistication.”

Comments

Latest Articles