Investigators have recovered the bulk of a ransom payment in the digital currency Bitcoin following the hacking attack on the largest gasoline pipeline in the United States. They seized 63.7 bitcoin, currently worth about $2.3 million, the U.S. Department of Justice said Monday. The FBI succeeded in identifying a digital wallet that hackers allegedly used to collect a payment from the company involved, said the agency's deputy director, Paul Abbate.
The Colonial Pipeline company had said in early May that it had been the victim of a hacking attack. As a result, operations of the pipeline, through which about 45 percent of all fuel consumed on the U.S. East Coast passes, were temporarily shut down completely. Parts of the country experienced gasoline shortages. Washington, the nation's capital, was particularly hard hit, with 88 percent of gas stations out of fuel at times. "This was an attack on one of our most important national infrastructures," said Attorney General Lisa Monaco.
The U.S. government suspects that hackers from the group DarkSide, from Russia, are behind the crime. Both U.S. authorities and IT security experts strongly advise companies not to pay ransoms, so as not to give cyber criminals an incentive for extortion. But the pipeline operator did pay, as company CEO Joseph Blount admitted to the Wall Street Journal in late May. He authorized a $4.4 million payment, he said. Blount explained the controversial decision by saying that the company had been unsure about the extent of the damage to its systems.
According to the U.S. Department of Justice, Colonial Pipeline had quickly notified the FBI that DarkSide had penetrated its computer network and that the company had paid the requested ransom of 75 bitcoin. In so-called ransomware attacks, data on computers is encrypted, and the attackers usually demand a ransom for its release.
This is now the first time that a Justice Department unit set up specifically to combat ransomware and digital extortion has seized a ransom payment. "Ransomware is the fuel that fuels the engine of digital extortion," Monaco explained. She said the seizure shows that the U.S. will "use all available means" to "make such attacks less profitable for criminal enterprises."
Colonial chief Blount praised the work of FBI investigators in a statement. He also said the private sector needs to take cyber threats seriously and invest to better defend against them.
"Ransomware attacks have grown in scope and sophistication over the past year, targeting our critical infrastructure, businesses of all types, entire cities, and even law enforcement agencies," Monaco said. "Ransomware and digital extortion are a threat to the national and economic security of the United States."
Just weeks after the gasoline pipeline attack, the world's largest meat company, JBS, was hit by a massive cyberattack. Large parts of its production in North America and Australia were paralyzed.