'We Turned the Tables': US Recovers 'Majority' of Colonial Pipeline Ransom From Hackers

The ransomware attack on the Colonial Pipeline in early May prompted several setbacks, including a severe gas shortage along the majority of the US East Coast. The pipeline is a critical part of the nation's petroleum infrastructure.
Sputnik

The US Department of Justice announced on Monday that investigators recovered millions of dollars in cryptocurrency that was paid to the DarkSide hacking group whose cyberattack shuttered Colonial Pipeline operations.

US Deputy Attorney General Lisa Monaco declared at a news conference that the agency had "found and recaptured the majority of the ransom Colonial paid to the DarkSide Network."

"Ransomware attacks are always unacceptable, but when they target critical infrastructure, we will spare no effort in our response. ... Today, we turned the tables on DarkSide," Monaco remarked. "This work is important, because every day, the digital threats we face are more diverse, more sophisticated and more dangerous."

Approximately 63.7 Bitcoins were seized by officials, an amount valued at about $2.3 million.

Citing individuals who were briefed on the development, CNN earlier reported that the US Department of Justice would be making an official announcement on the matter later Monday. It was noted that the recovery operation was led by the FBI in cooperation with the pipeline's operators.

Although pipeline officials had initially stated they did not intend to pay DarkSide's ransom, it was later revealed by Colonial Pipeline CEO Joseph Blount that the company did fork over some $4.4 million to the cybercriminal group.

However, in that fund exchange, US investigators reportedly used the opportunity to track the payment to a cryptocurrency wallet being used by DarkSide.

Sources informed the outlet that investigators with the FBI had been trying to examine the hacking group's "operational or personal security" in order to pinpoint the identities of the individuals responsible for the cyberattack.

It's worth noting that officials did underscore that it is not always possible for the federal government to remedy such actions by cybercriminals. "It will take improved defenses, breaking up the profitability of ransomware and directed action on the attackers to make this stop," one of the sources remarked.

In the wake of the May cyberattack, Americans all along the US East Coast experienced an extensive gas shortage for a period of days, even after the pipeline restarted its operations. At the height of the shortage, the national average for gas prices topped out at $3 per gallon for the first time in years.

In response to the attack, the Biden administration announced that it would be implementing a series of new cybersecurity requirements for the pipeline industry that would force companies to report any cyberattack directly to federal authorities. Prior to the order, such reports were made only on a voluntary basis.