Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway – report
2021-05-13 17:44

Colonial Pipeline's operators reportedly paid $5m to regain control of their digital systems and get the pipeline pumping oil following last week's ransomware infection.

News of the payoff was broken by Bloomberg, which not only cited anonymous sources but also mocked other news outlets' anonymous sources for saying earlier this week that the American pipeline operator would never pay the ransom.

Media braggadocio aside, the Colonial Pipeline Company of Georgia is said to have paid $5m as a ransom to regain control of its systems.

Speculation abounded as to precisely what led to the shutdown of the pipeline on Friday, May 7, though the most likely explanation is that rather than compromising the operational technology controlling the pipeline's pumps and valves, the ransomware KO'd back-office systems used for monitoring oil flows and generating billing records based on those flows.

The Colonial Pipeline says it carries 100 million gallons a day of refined fuels between Houston, Texas, and New York Harbor, or 45 percent of all fuel needed on the United States' East Coast.

The pipeline carries fuel for cars and trucks, jet fuel, and heating oil, and there are reports of gasoline shortages.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/05/13/colonial_pipeline_ransom/