Colonial Pipeline Co. reportedly paid Eastern European hackers about $5 million in ransom on Friday, shortly after the cyberattack forced the largest United States fuel pipeline to shut down.
Bloomberg reports that the company paid the huge ransom in difficult-to-trace cryptocurrency within hours of the attack, despite the FBI’s advice that paying would encourage other would-be hackers and that there is no guarantee the attackers will follow through on promises to unlock files.
The hackers, after receiving the payment, provided the operator with a decrypting tool to restore its disabled computer network.
The decrypting tool was, however, so slow that the company continued using its own backups to help restore the system.
“They had to pay,” said Ondrej Krehel, chief executive officer and founder of digital forensics firm LIFARS and a former cyber expert at Loews Corp., which owns Boardwalk Pipeline.
“This is a cyber cancer. You want to die or you want to live? It’s not a situation where you can wait.”
Krehel said a $5 million ransom for a pipeline was “very low.”
“Ransom is usually around $25 million to $35 million for such a company. I think the threat actor realized they stepped on the wrong company and triggered a massive government response,” he said.
Meanwhile, Colonial said it resumed fuel shipments around 5 p.m. Eastern time on Wednesday.
Deliveries are expected to take several days to return to normal.