Jun 8, 2021 - Technology

Colonial Pipeline CEO tells Congress paying ransom was "the right choice"

Colonial Pipeline CEO Joseph Blount defended his decision Tuesday to pay the hackers that launched a ransomware attack against the crucial fuel line, telling a Senate panel it was "the right choice" and that he put "the interests of the country first."

Why it matters: Federal investigators for years have recommended that companies do not pay hacking groups to decrypt their computer systems over fears that the transactions would encourage more groups to conduct future attacks.

What he's saying: "I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible," Blount told the Senate Homeland Security and Government Affairs Committee Tuesday. "It was the hardest decision I've made in my 39 years in the energy industry."

  • "And I know how critical our pipeline is to the country, and I put the interest of the country first. I kept the information closely held because we were concerned about operational safety and security, and we wanted to stay focused on getting the pipeline back up and running. I believe with all my heart it was the right choice to make," he added.
  • "I also now state publicly that we quietly and quickly worked with the law enforcement in this matter from the start, which may have helped lead to the substantial recovery of funds announced by the DOJ this week."

Context: Blount told the Wall Street Journal he authorized a ransom payment of $4.4 million to the DarkSide cyber crime group on May 7 in an attempt to restore the services of the largest refined fuels pipeline in the country.

  • However, the company had been following instructions from the FBI, which was able to track the transaction, according to CNN.
  • After the payment, the hacker group said it was going dark after it lost access to the infrastructure needed to carry out its extortion operations and that a cryptocurrency account it uses to pay its affiliates had been drained.

The big picture: The Department of Justice and FBI said Monday the U.S. had recovered $2.3 million worth of cryptocurrency from payments to individuals tied to DarkSide.

  • It marked the first seizure undertaken by a recently created digital extortion task force in the Justice Department, according to CNN.

Go deeper: DOJ to treat ransomware attacks with similar priority as terrorism
