Home Ransom Payments and Colonial Pipeline Update

Ransom Payments and Colonial Pipeline Update

May 18–Last week, the “most disruptive cyberattack on record” stalled the transport of millions of barrels of gasoline, diesel and jet fuel from the America’s East Coast to its Gulf Coast. Across several days, more than 100 million gallons of fuel per day failed to flow from point-to-point. Drivers flocked to gas stations in order to fill up on fuel ahead of a potential prolonged fuel shortage. As of this writing, thousands of gas stations across America remain without fuel.

Ransom paid to restore normalcy?

US lawmakers are now asking tough questions about whether or not the affected organization actually paid a ransom to hackers and whether or not organizations that experience ransomware should pay extortion groups.

Should “essential organizations” receive federal permission to pay ransoms, with all other organizations barred from the practice? What constitutes an “essential organization” anyway?

Congressional investigation

“We were pleased to have the opportunity to brief committee staff, who have an important duty to conduct oversight on matters of public concern,” stated a Colonial Pipeline spokesperson. “We will continue to cooperate with Congress as the investigation of this cyber-attack on our company continues.”

Lawmakers contend that an increased level of specificity on the part of Colonial Pipeline regarding their ransomware payments would assist with legislative development.

“We’re disappointed that the company refused to share any specific information regarding the reported payment of ransom during today’s briefing,” said congressional representatives Bennie Thompson and Carolyn Maloney.

Colonial Pipeline co.

According to Bloomberg News, Colonial Pipeline provided cyber criminals with nearly $5 million in exchange for access to ransomed computer technologies.

Roughly a week after initially reporting the ransomware attack, Colonial Pipeline has stated that transport of fuel has returned to normal levels.

The debate about ransoms

Experts remain divided over whether or not organizations should continue to pay ransoms. Some contend that it’s a private, per-instance decision. Others argue that paying ransoms perpetuates the cycle; it empowers hackers to continue with the practice.

In 2020, ransomware payments increased by more than 300%. Organizations paid hackers more than $350 million in cryptocurrency to restore systems.

The analysis

In the US, the FBI places the blame for the Colonial Pipeline attack on a strain of ransomware known as DarkSide. A private firm found that DarkSide has received over $17 million in payment since March of 2020.

Ransoms, the FBI and private firms

For years, the FBI strongly contended that organizations should not provide ransom payments to hackers. However, more recently, the FBI has attempted to gather more ransomware-related insurance data in order to recalibrate its advice.

A public-private Ransomware Task Force advocates for updated breach notification laws. These would require organizations to inform authorities regarding ransom payments. As a result, authorities would develop a better “understanding of the scope and scale of the crime”.

Ransomware has touched every industry and the controversy over paying ransoms continues. For a more in-depth Colonial Pipeline update, visit Reuters.