The hacked American Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.
The largest gasoline pipeline in the U.S. is returning to service following a cyberattack that took the fuel artery offline for five days.
The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack.
A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment, reported Bloomberg.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network.
The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.
The hackers, who the FBI said are linked to a group called DarkSide, specialize in digital extortion.
“They had to pay,” said Ondrej Krehel, chief executive officer and founder of digital forensics firm LIFARS and a former cyber expert at Loews Corp., which owns Boardwalk Pipeline.
“This is a cyber cancer. You want to die or you want to live? It’s not a situation where you can wait.”
A report released last month by a ransomware task force said the amount paid by victims increased by 311% in 2020, reaching about $350 million in cryptocurrency. The average ransom paid by organizations in 2020 was $312,493, according to the report.