Colonial Pipeline, which had to close its network due to a ransomware attack earlier this week, reportedly paid $5 million to the hackers' group on May 13. Colonial Pipeline, which operates the largest fuel network in the US, announced on May 7 about the ransomware attack.
The company had closed over 5,000 miles (8,046 km) of pipeline that carried 100 million gallons (37,85,41,178 litres) petrol, jet fuel, and kerosene from Texas to the New York area as a preventive measure, which led to severe fuel shortages and a sharp increase in the price of fuel across the US, especially in the East Coast.
Bloomberg reported, quoting a US official, that the company paid over $5 million in ransom to the hacking group, DarkSide. The company’s shutdown of its network, which contributes to 45 percent of all daily fuel consumption on the Eastern Seaboard, saw gas prices rise as a result and fuel shortages across the coast.
The company announced on May 13 that it resumed operations but declined to comment on the payment of ransom.
The Federal Bureau of Investigation (FBI) and the White House’s official policy on ransomware is to discourage companies from paying the ransom. However, the government has not yet prohibited companies from paying the ransom. The rationale behind the policy is that paying a ransom is not guaranteed to get the data back, and will encourage cybercrime groups to further target more companies.
Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technologies, said on May 10 many companies find that paying off the criminals is the best course of action to be taken when facing such an attack.
"We recognise though that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data," she said.
Neuberger highlighted the fact that the official stand of the government remains that ransom should not be paid as it encourages the proliferation of cybercrimes.
In an interview with MSNBC on May 13, Neuberger said, "At the federal government, we discourage the payment of ransoms, because the prolific payment of ransoms encourages ransomware."
Colonial Pipeline’s hack is just another name on the list of large corporations to be hit by a ransomware attack. And it is not just private corporations that are at risk. The attack highlights the fragility of the world’s critical infrastructures’ dependence on cybersecurity systems that can be breached.
Jennifer Granholm, the energy secretary, told Bloomberg TV, "This is a serious example of what we are seeing across the board in many places and it tells you that we need to invest in our systems, our transmission grid for electricity. We need to invest in cyber defence in these energy systems."
(Edited by : Shoma)
First Published: IST