According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key.
Colonial Pipeline Co., operator of the largest U.S. fuel pipeline, reportedly paid $5 million to criminals behind a ransomware attack that has sent fuel prices spiking up and down the East Coast.
Sources familiar with the payout told Bloomberg that representatives of Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption tool that allowed the firm to restore its computer network, which was disabled in last week’s attack.
On Wednesday, the energy firm restarted its pipeline operations after a five-day shutdown that was carried out proactively following the ransomware attack.
News of the payment is an about-face: according to reports on Wednesday, the company had no intention of paying the ransom.
“The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard,” Bloomberg reporters William Turton, Michael Riley and Jennifer Jacobs wrote.
Colonial Pipeline did not reply to Threatpost’s inquiries seeking confirmation of the Bloomberg report.
Read more at: threatpost.com