Receive Network Recovery Tool as Compensation
[Asia Economy Reporter Park Byung-hee] On the 7th (local time), Colonial Pipeline, the largest pipeline operator in the United States, which was attacked by the hacking group 'DarkSide,' reportedly paid nearly 5 million dollars (about 5.67 billion won) to DarkSide, Bloomberg News reported on the 13th, citing two sources.
Colonial transferred the amount using cryptocurrency, which is difficult to trace, and another official revealed that the U.S. federal government is also aware that Colonial paid this amount to DarkSide.
Colonial, which operates a pipeline stretching a total of 8,850 km from the Gulf of Texas to eastern New Jersey, halted all facility operations on the afternoon of the 7th after a ransomware attack caused system issues.
The U.S. Federal Bureau of Investigation (FBI) identified the newly emerged hacking group DarkSide as the culprit last year, and DarkSide also posted a statement implying their responsibility.
DarkSide is believed to be based in Eastern Europe or Russia. Since August last year, they have mainly targeted over 80 companies in English-speaking Western countries with ransomware attacks, reportedly causing hundreds of billions of dollars in losses. They typically infiltrate the victim companies' computer systems using malicious code, encrypt files, and demand money in exchange for releasing the 'hostage' data.
DarkSide is known to have stolen 100 gigabytes (GB) of information from Colonial's network within two hours through the ransomware attack.
According to Bloomberg News, the hackers sent Colonial a 'decryption tool' to restore the computer network immediately after receiving the money. However, a source said the tool operated too slowly, so the company continued to use its own backups to support system recovery.
Generally, the FBI advises against paying ransom due to the risk of encouraging similar crimes, but Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies at the White House, said at a briefing on the 10th, "Colonial is a private company," and did not provide any advice regarding the payment.
Colonial issued a statement the previous afternoon announcing the start of pipeline restart and expressed expectations to resume services across the entire system within the day.
Colonial is responsible for 45% of the oil supply along the densely populated U.S. East Coast. After the ransomware attack halted pipeline operations for six days, a 'panic buying' phenomenon occurred mainly in the southeastern region, and gasoline consumer prices surpassed $3 per gallon for the first time in seven years.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
