💰💣

Colonial Pipeline Security Incident

7/05/2021 1540 days ago Resolved

Incident Overview

Situation Description

Colonial Pipeline confirmed it paid $4.4 million to hackers after a ransomware attack on its computer systems, leading to fuel shortages on the East Coast.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Energy

Geographic Scope

National (US)

Response Actions

Took Systems or Services Offline Paid a Ransom Restored Systems from Secure Backups Managed Public Narrative & Crisis Communications

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$4,400,000 USD

Records Affected

Data Types Compromised

Operational / System Data

Primary Impacts

Operational Disruption Financial Loss Reputational Damage

Key Decisions Made

Colonial Pipeline paid $4.4 million in cryptocurrency to hackers.; The company took its pipeline system offline following the ransomware attack.; The decision to pay the ransom was made to restart the pipeline quickly and safely.

Technical Analysis

Attack Method

Unknown

Threat Actor Attribution

DarkSide

Additional Information

By Cathy Bussewitz, Associated Press Cathy Bussewitz, Associated Press Leave a comment 0 comments Share Copy URL https://www.pbs.org/newshour/economy/colonial-pipeline-confirms-it-paid-4-4-million-to-hackers Email Facebook Twitter LinkedIn Pinterest Tumblr Share on Facebook Share on Twitter Colonial Pipeline confirms it paid $4.4 million to hackers Economy May 19, 2021 8:28 PM EDT NEW YORK (AP) The operator of the nations largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything in its power to restart it quickly and safely, and made the decision then to pay the ransom. This decision was not made lightly, but it was one that had to be made, a company spokesman said. Tens of millions of Americans rely on Colonial hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public. Colonial Pipelines CEO, Joseph Blount, told The Wall Street Journal he authorized the payment because the company didnt know the extent of the damage and wasnt sure how long it would take to bring the pipelines systems back. The FBI discourages making ransom payments to ransomware attackers, because paying encourages criminal networks around the globe who have hit thousands of businesses and health care systems in the U.S. in the past year alone. But many victims of ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay. I know thats a highly controversial decision, Blount told the Journal. I didnt make it lightly. I will admit that I wasnt comfortable seeing money go out the door to people like this. But it was the right thing to do for the country, he said. Blount said Colonial paid the ransom in consultation with experts who...

... (truncated for display)

Quick Facts

Company:: Colonial Pipeline
Date:: 7/05/2021
Status:: Resolved
Decision Maker:: Joseph Blount
Position:: CEO
Published:: 19/05/2021

Source Information

Original Query

Colonial Pipeline CEO full testimony transcript to Congress on ransom payment decision

View Original Source

Timeline

Information Published

19/05/2021

Incident Occurred

7/05/2021 (1540 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats