cloudy.png
Thursday June 24th, 2021 3:11PM

Pipeline CEO: Ransom payment 'hardest decision' of career

By The Associated Press
Related Articles
  Contact Editor

WASHINGTON (AP) — The chief executive of the massive fuel pipeline hit by ransomware said Tuesday that authorizing a multi-million-dollar payment to hackers was the right thing to do after an attack that prompted a gas shortage in much of the eastern U.S., even as federal authorities have discouraged such transactions.

“I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible,” Colonial Pipeline CEO Joseph Blount told the Senate Homeland Security Committee at a hearing about last month’s attack. “It was the hardest decision I’ve made in my 39 years in the energy industry, and I know how critical our pipeline is to the country — and I put the interests of the country first.”

Asked how much worse it would have been if the company hadn't paid to get its data back, Blount said, “That's an unknown we probably don't want to know. And it may be an unknown we probably don’t want to play out in a public forum.”

Blount's testimony, his first since the May 7 cyberattack that led the pipeline to halt operations, underscored the dilemma facing both the private industry and the federal government as ransomware attacks have proliferated in scale and sophistication. U.S. authorities have cautioned against payments for fear of encouraging additional attacks, but Blount's remarks made clear the enormous economic consequences if ransoms aren't paid and critical infrastructure is shut down.

In this case, the Justice Department was able to recover much of the $4.4 million ransom after seizing a virtual bitcoin wallet used to hide the proceeds. Though officials said they may be able to achieve similar success in future ransomware attacks, that is hardly guaranteed.

The May 7 attack on Colonial Pipeline — which supplies roughly 45 of the fuel consumed on the East Coast — has been attributed to a Russia-based gang of cybercriminals using the DarkSide ransomware variant, one of more than 100 variants the FBI is currently investigating. The attack began after hackers exploited a legacy virtual private network that was not intended to be in use and has since been shut down, Blount said.

Blount said the Georgia-based company began negotiating with the hackers on the evening of the May 7 attack and paid a ransom of 75 bitcoin — then valued at roughly $4.4 million — the following day. The hack prompted the company to halt operations before the ransomware could spread to its operating systems.

Though the FBI has historically discouraged ransomware payments for fear of encouraging cyberattacks, Colonial officials have said they saw the transaction as necessary to resume the vital fuel transport business as rapidly as possible.

The encryption tool the hackers provided the company in exchange for the payment helped “to some degree" but was not perfect, with Colonial still in the process of fully restoring its systems, Blount said.

“If you start to look at the fact that it took us from Friday all the way to Wednesday afternoon the following (to resume operations), and we already started to see pandemonium going on in the markets, people doing unsafe things like filling garbage bags full of gasoline or people fist-fighting in line at the fuel pump, the concern would be what would happen if it had stretched on beyond that amount of time,” Blount said.

“What would happen at the airports where we supply a lot of jet fuel, let alone what might happen at the gas pump,” he added.

The operation to seize cryptocurrency paid to the Russia-based hacker group is the first of its kind to be undertaken by a specialized ransomware task force created by the Biden administration Justice Department. It reflects a rare victory in the fight against ransomware as U.S. officials scramble to confront a rapidly accelerating threat targeting critical industries around the world.

“By going after the entire ecosystem that fuels ransomware and digital extortion attacks — including criminal proceeds in the form of digital currency — we will continue to use all of our resources to increase the cost and consequences of ransomware and other cyber-based attacks,” Deputy Attorney General Lisa Monaco said Monday in announcing the operation.

The Bitcoin amount seized — 63.7, currently valued at $2.3 million after the price of Bitcoin tumbled— amounted to 85% of the total ransom paid, which is the exact amount that the cryptocurrency-tracking firm Elliptic says it believes was the take of the affiliate who carried out the attack. The ransomware software provider, DarkSide, would have gotten the other 15%.

“The extortionists will never see this money,” said Stephanie Hinds, the acting U.S. attorney for the Northern District of California, where a judge earlier Monday authorized the seizure warrant.

Ransomware attacks — in which hackers encrypt a victim organization's data and demand a hefty sum for returning the information — have flourished across the globe. Last year was the costliest on record for such attacks. Hackers have targeted vital industries, as well as hospitals and police departments.

Weeks after the Colonial Pipeline attack, a ransomware attack attributed to REvil, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months, disrupted production at Brazil’s JBS SA, the world's largest meat processing company.

The ransomware business has evolved into a highly compartmentalized racket, with labor divided among the provider of the software that locks data, ransom negotiators, hackers who break into targeted networks, hackers skilled at moving undetected through those systems and exfiltrating sensitive data — and even call centers in India employed to threaten people whose data was stolen to pressure for extortion payments.

_____

Associated Press writer Frank Bajak in Boston contributed to this report.

___

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP

  • Associated Categories: Homepage, Local/State News, Associated Press (AP), AP National News, AP Online National News, Top General short headlines, AP Online Headlines - Washington, AP Business, AP Online - Georgia News, AP Business - Financial Markets, AP Business - Industries, AP Business - Utilities, AP Technology News
© Copyright 2021 AccessWDUN.com
All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
Pipeline CEO: Ransom payment 'hardest decision' of career
The chief executive of the massive fuel pipeline hit by ransomware last month says authorizing a multi-million-dollar payment to hackers was the right thing to do to bring an end to fuel shortages affecting much of the eastern United States
1:23PM ( 9 minutes ago )
The Latest: Pfizer expands vaccine tests in kids under 12
Pfizer says it is expanding testing of its COVID-19 vaccine in children younger than 12
1:21PM ( 10 minutes ago )
Virginia city council votes to remove Confederate statues
Officials in a Virginia city have voted unanimously to remove two statues of Confederate generals, including one that was the focus of a violent white nationalist rally in 2017
1:20PM ( 11 minutes ago )
Associated Press (AP)
Global glitch: Swaths of internet go down after cloud outage
Dozens of websites briefly went offline around the globe Tuesday, including CNN, The New York Times and Britain’s government home page, after an outage at the cloud service Fastly
12:53PM ( 39 minutes ago )
French leader Macron slapped in face on visit to small town
French President Emmanuel Macron has been slapped in the face by a man during a visit to a small town in southeast France
12:44PM ( 47 minutes ago )
Protesters maintain blockade at Minnesota oil pipeline site
Protesters fighting Canadian-based Enbridge Energy's push to replace an aging oil pipeline across northern Minnesota have maintained a blockade at a pump station as part of a summer drive to stop the project before it can go into service later this year
12:19PM ( 1 hour ago )
AP National News
Harris turns focus to Mexico on trip to address migration
Vice President Kamala Harris is closing out her first foreign trip Tuesday as she visits Mexico and meets with President Andrés Manuel López Obrador
11:21AM ( 2 hours ago )
Global sting: Secure FBI-run messaging network tricks crooks
Criminal gangs divulged plans for moving drug shipments and carrying out killings on a secure messaging system run by the FBI
11:16AM ( 2 hours ago )
Judges uphold conviction of Serb military chief Ratko Mladic
U.N. appeals judges have upheld the conviction of former Bosnian Serb military chief Ratko Mladic for genocide and other offenses during Bosnia’s 1992-95 war and confirmed his life sentence
11:10AM ( 2 hours ago )
Top General short headlines
Vinyl records surge during pandemic, keeping sales spinning
Music lovers sent vinyl record sales soaring during the pandemic, giving retailers something to cheer on Record Store Day
12:51PM ( 41 minutes ago )
Stocks wobble as investors seek direction amid recovery
Stocks swayed between small gains and losses in afternoon trading on Wall Street Tuesday while investors continue searching for direction as the economy recovers from its pandemic slump
12:45PM ( 47 minutes ago )
Deep-red Idaho sees growing clash between GOP and far right
Mainstream and far-right Republicans are battling for control of the party and the state in deeply conservative Idaho
12:40PM ( 52 minutes ago )
AP Business
Stock are off to a mixed start on Wall Street; tech rises
Stocks are off to a mixed start on Wall Street as technology companies climb while banks and energy companies fall
9:45AM ( 3 hours ago )
World shares mixed as investors await inflation updates
World shares are mixed, with European indexes mostly higher after a downbeat session in Asia
4:44AM ( 8 hours ago )
Asian shares edge lower after mixed finish on Wall Street
Stocks have edged lower in Asia after a mixed finish on Wall Street
2:33AM ( 10 hours ago )
AP Business - Financial Markets
World Bank sees 5.6% global growth in 2021, best since 1973
The World Bank is upgrading the outlook for global growth this year, predicting that COVID-19 vaccinations and massive government stimulus in rich countries will power the fastest worldwide expansion in nearly five decades
9:54AM ( 3 hours ago )
Foundation to spend $1.3B to vaccinate Africans for COVID
One of the largest foundations in the world announced Tuesday it will spend $1.3 billion over the next three years to acquire and deliver COVID-19 vaccines for more than 50 million people in Africa
9:35AM ( 3 hours ago )
BioNTech founders contributing to book on COVID-19 vaccine
The husband and wife team who helped develop the first COVID-19 vaccine are contributing to a book
9:00AM ( 4 hours ago )
AP Business - Industries
Biden invites Ukrainian president to White House this summer
President Joe Biden has invited Ukrainian President Volodymyr Zelenskyy for a White House visit this summer
5:03PM ( 20 hours ago )
Carbon dioxide levels hit 50% higher than preindustrial time
Scientists say the annual peak of global heat-trapping carbon dioxide in the air has reached another dangerous milestone: 50% higher than when the industrial age began
2:28PM ( 23 hours ago )
US stocks edge mostly higher, hovering near record highs
Stocks are nudging mostly higher in early trading, putting the S&P 500 and the Dow Jones Industrial Average back near the record highs they reached a month ago
9:43AM ( 1 day ago )
AP Business - Utilities
The Latest: Pfizer expands vaccine tests in kids under 12
Pfizer says it is expanding testing of its COVID-19 vaccine in children younger than 12
1:21PM ( 11 minutes ago )
Virginia city council votes to remove Confederate statues
Officials in a Virginia city have voted unanimously to remove two statues of Confederate generals, including one that was the focus of a violent white nationalist rally in 2017
1:20PM ( 11 minutes ago )
Bosnian Serb commander Ratko Mladic loses genocide appeal
U.N. appeals judges have upheld the conviction of former Bosnian Serb military chief Ratko Mladic for genocide and other offenses during Bosnia’s 1992-95 war and affirmed his life sentence
1:05PM ( 27 minutes ago )
Global glitch: Swaths of internet go down after cloud outage
Dozens of websites briefly went offline around the globe Tuesday, including CNN, The New York Times and Britain’s government home page, after an outage at the cloud service Fastly
1:04PM ( 28 minutes ago )
Crews work to reopen Floyd square, activists close it again
Crews returned to a Minneapolis intersection where a memorial to George Floyd was assembled after his death last year and worked to reopen it to traffic by removing debris and makeshift barriers
1:00PM ( 31 minutes ago )