Days after Colonial Pipeline was hit by a cyberattack, company’s chief executive officer Joseph Blount has confirmed that he authorized paying USD 4.4 million to hackers. This is the first time when the CEO has publically confirmed that a ransom had been paid. The acceptance comes after repeated refusals from the Colonial Pipeline over the payment. Blount has termed it “a highly controversial decision.” However, Blount stressed that it was the right thing to do for the country. “I will admit that it was not an easy decision to make. It was not easy to see money going out of the door to people in this way,” Blount was quoted as saying by media reports. It was reported last week that the company paid huge money to the ransomware group that was behind the crippling cyber attack.
Blount said that he agreed to pay the ransom as executives were neither sure about the impact of the cyberattack on it systems nor they had any ideas about how long it could take to restore the services. Following the attack, the company was left with no choice but to shut down pipeline operations. This resulted in massive gasoline disruption in the southeast part of the United States. Colonial Pipeline has briefed congressional about the timeline of the ransomware attack. However, it is still not clear who was leading the negotiation. The company refused to discuss details related to ransom and a spokesperson of the company said that its employees had no direct contact with the attackers. So it is still unclear who negotiated that payment.
The Federal Bureau of Investigation always asks companies to not pay when hit by ransomware. FBI officials believe that doing that boosts the morale of hackers and can give rise to a booming cranial marketplace. Ransomware is a type of code that takes control of the files present in the computer and demands hefty payment to let users have access. But companies and other organizations have been paying to attackers as they believe that it’s the only way to avoid costly disruptions to their operations. According to people familiar with the development, the company made the payment in the form of Bitcoin. In return for the payment, Colonial Pipeline received a decryption tool that allowed them access to systems hacked by attackers. While it was useful for the company to an extent, it couldn’t restore the pipeline’s systems immediately.