Colonial Pipeline Co. reportedly paid almost $5 million to hackers on Friday after reports circulated asserting it would not give into demands.
Two people familiar with the situation reportedly said the ransom was paid “in untraceable cryptocurrency within hours after the attack,” according to Bloomberg News. A third individual familiar with the situation reportedly added that “U.S. government officials are aware” of the payment.
The hackers, believed to be involved with the group DarkSide, gave a decrypting tool after payment. The tool was reportedly incredibly slow, prompting Colonial Pipeline to use its own efforts as well, Bloomberg News reported. The company became aware of the attack on May 7, causing a complete shutdown and fuel shortages in multiple states.
The news underscores recent reports from the media declaring Colonial Pipeline had no plans to pay the ransom. Deputy National Security Advisor Anne Neuberger addressed the ransom on Monday and said although it’s not recommended, “companies are often in a difficult position” regarding making payments.
Cybersecurity experts recommend against paying ransoms in part because it’s not certain data can be recovered. The move may also promote crime and ransom payments have directly contributed to more attacks, former Director of the Cybersecurity and Infrastructure Security Agency Christopher Krebs said in 2020.
White House officials have repeatedly told reporters to ask the company if it paid the ransom. White House press secretary Jen Psaki also wouldn’t answer questions on whether the public has a right to know if a company like Colonial Pipeline is paying a ransom to hackers. (RELATED: Major Fuel Pipeline Network Shuts Down After Cyber Attack)
The pipeline began to resume operations Wednesday evening, although Energy Secretary Jennifer Granholm said it will likely take time to fully recover.