Colonial Pipeline is said to have paid more than 4 million euros in ransom to the criminals who infected the oil pipeline company with ransomware. This is said to have happened within hours of the attack. The company claims not to have paid any ransom.
The amount was transferred to the criminals in cryptocurrency, anonymous sources tell Bloomberg. After payment, Colonial Pipeline is said to have been given a decryption tool. The tool is said to have been so slow, however, that the company also had to use its own backups to restore its systems. Neither the company nor the US government would comment to Bloomberg about the ransom paid. The company itself has always claimed that no ransom was paid.
The oil pipeline has been back in service since Thursday. The pipeline is an important part of the United States’ energy infrastructure, carrying 2.5 million barrels of oil every day. Nearly half of the US East Coast is supplied with fossil fuels through the pipeline. The ransomware attack caused crowds at petrol pumps, resulting in fuel shortages.
Colonial Pipeline announced Monday that it had been hit by ransomware. The company itself has never said who is behind it, although anonymous sources speak of the Russian criminal organization DarkSide. This organization not only encrypted the software, but also stole 100GB of data.