One of the United States’ leading pipeline operator, Colonial Pipeline, has reportedly paid a ransom worth $5 million (about N2.043billion) to hackers days after the company fell victim to a sweeping cyberattack.
According to a source quoted by Bloomberg, the cybercriminals were reportedly paid in cryptocurrency, making it almost impossible to trace the transaction.
On May 7, the Colonial Pipeline suffered a cyberattack which forced the company to temporarily close down operations.
It was reported that the cyberattack forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the East Coast fuel supply and causing gasoline shortages in the Southeast.
The oil company, in a press release confirming the attack said it “temporarily took certain systems offline to contain the threat, which temporarily halted all pipeline operations, and affected some of our IT systems.”
The Colonial pipeline which was founded in 1962 and headquartered in Alpharetta, Georgia, is one of the largest pipeline operators in the US and provides roughly 45% of the East Coast’s fuel, including gasoline, diesel, home heating oil, jet fuel, and military supplies.
According to source, the hackers provided the Colonial Pipeline with the necessary decrypting tool to restore the hacked network after the ransom was allegedly paid.
Meanwhile, the cyberattack has been allegedly linked with a Russian Group, codenamed DarkSide.
During the attack, over 100GB in corporate data was reportedly stolen from the Colonial Pipeline in just two hours by the DarkSide Group.
US President, Joe Biden during a press briefing acknowledged that the attack was orchestrated by a group in Russia, however, he noted that security agencies have no intelligence linking the DarkSide group to the attack.
In his words, “So far there is no evidence from our intelligence people that Russia is involved although there is evidence that the actor’s ransomware is in Russia, they have some responsibility to deal with this,” Biden said from the White House on Monday.
The Colonial Pipeline in a press release announced it had restored its operations days after it was forced to shut down its entire system due to the cyberattack, thereby fuelling speculations that a ransom was paid to the cyberattackers to get the massive data back.
Meanwhile, the company had earlier described its decision to temporarily close pipeline service as a precautionary measure.
