Chamberlain dvernb Posted May 20, 2021

Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom to the cyber-criminal gang responsible for taking the US fuel pipeline offline.

Its boss told The Wall Street Journal he authorised the payment on 7 May because of uncertainty over how long the shutdown would continue.

"I know that's a highly controversial decision," Joseph Blount said in his first interview since the hack.

The 5,500-mile (8,900-km) pipeline carries 2.5 million barrels a day. According to the firm, it carries 45% of the East Coast's supply of diesel, petrol and jet fuel.

Chief executive Mr Blount told the newspaper that the firm decided to pay the ransom after discussions with experts who had previously dealt with DarkSide, the criminal organisation behind the attack.

"I didn't make [that decision] lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this.

"But it was the right thing to do for the country," he added.

More: https://www.bbc.com/news/business-57178503
Founder Merlin Posted May 20, 2021

The right thing to do? Yes. It’s easier to do the right thing when that is your only option. It would have been better to have an alternative way of overriding whatever control the hackers had breached.

How could an oil pipeline company not have considered such a threat and planned accordingly? Simple. They had considered it but chose profit over national security and chose not to spend the money on a backup control override. I’d bet they still haven’t fixed the weak link.
Chamberlain koolrebel Posted May 21, 2021

I'll bet the cost gets passed on to the consumer somehow
Founder Merlin Posted May 21, 2021

1 hour ago, koolrebel said:
I'll bet the cost gets passed on to the consumer somehow

Always
Chamberlain dvernb Posted June 8, 2021

Now here's a twist! The U.S. has managed to "steal back" most of the ransom that was paid by Colonial Pipelines.

"In America's ongoing fight against the scourge of ransomware, this is a major victory. Stealing back a ransom is, to my knowledge, a first and it shows how far the US is willing to go to deter cyber-criminals. It sends a powerful message to the gangs who have been operating with impunity for years in states like Russia.

Perhaps deliberately, the DoJ are being vague about exactly how they did it. All they are saying is that the "private key" to the criminal's Bitcoin wallet is in the "possession of the FBI". With this key, which is effectively a password, agents were able to simply log in and send the digital coins to another wallet they control.

The cyber-security world is abuzz with rumours and theories about how they got hold of the password. Perhaps the key was found on seized servers, or gifted by an angry insider, or handed over by a cooperative company used as part of the criminal infrastructure. Either way, it's a big moment and it is sending shockwaves."

https://www.bbc.com/news/business-57394041
https://www.npr.org/2021/06/08/1004223000/how-a-new-team-of-feds-hacked-the-hackers-and-got-colonial-pipelines-bitcoin-bac
Founder Merlin Posted June 8, 2021

Well, all the hackers need to do is change passwords frequently now the DOJ told them how they did it. Right?