Report: Colonial Pipeline paid ransomware attackers $5 million, but still had to rely on its own backups



If Bloomberg is to be believed, Colonial Pipeline paid out a ransom of almost $5 million last week in an attempt to help it restore the operation of its massive East Coast fuel pipeline.


According to the news outlet, anonymous sources confirmed that the DarkSide ransomware gang were paid a ransom of approximately 75 Bitcoin within hours of the company shutting down its pipeline in response to the attack.



The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.



Was it worth paying the ransom? Well, that’s debatable. Because according to Bloomberg, the recovery tool DarkSide provided – to supposedly decrypt systems that had been earlier garbled – proved too slow, and so Colonial Pipeline continued to rely upon its own backups:



Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.



That’s not a great advert for the DarkSide ransomware gang. If I were them I wouldn’t be too happy. Mind you, maybe they’re not having the best week of their lives anyway – regardless of the cryptocurrency they may have received.


Interestingly, before the news from Bl ..
