Colonial confirms to WSJ it paid $4.4M to pipeline hackers

CEO authorized the payments because he didn’t know the extent of the damage

Tanker trucks are parked near the entrance of Colonial Pipeline Company Wednesday, May 12, 2021, in Charlotte, N.C.  The operator of the nations largest fuel pipeline has confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. That's according to a report from the Wall Street Journal. Colonial Pipelines CEO Joseph Blount told the Journal that he authorized the payment after the ransomware attack because the company didnt know the extent of the damage.   (AP Photo/Chris Carlson)
Tanker trucks are parked near the entrance of Colonial Pipeline Company Wednesday, May 12, 2021, in Charlotte, N.C. The operator of the nations largest fuel pipeline has confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. That's according to a report from the Wall Street Journal. Colonial Pipelines CEO Joseph Blount told the Journal that he authorized the payment after the ransomware attack because the company didnt know the extent of the damage. (AP Photo/Chris Carlson) (Copyright 2021 The Associated Press. All rights reserved)

The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems.

Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything in its power to restart it quickly and safely, and made the decision then to pay the ransom.

“This decision was not made lightly," but it was one that had to be made, a company spokesman said. “Tens of millions of Americans rely on Colonial – hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public.”

Colonial Pipeline’s CEO, Joseph Blount, told The Wall Street Journal he authorized the payment because the company didn't know the extent of the damage and wasn't sure how long it would take to bring the pipeline's systems back.

The FBI discourages making ransom payments to ransomware attackers, because paying encourages criminal networks around the globe who have hit thousands of businesses and health care systems in the U.S. in the past year alone. But many victims of ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay.

“I know that’s a highly controversial decision,” Blount told the Journal. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”

“But it was the right thing to do for the country,” he said.

Blount said Colonial paid the ransom in consultation with experts who previously dealt with the group behind the attacks, DarkSide, which rents out its ransomware to partners to carry out the actual attacks.