Security News > 2021 > May > Colonial Pipeline CEO Explains $4.4M Ransomware Payment
Colonial Pipeline chief executive Joseph Blount has confirmed the company shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the U.S. A Wall Street Journal report said Colonial Pipeline made the $4.4 million payment on the evening of May 7 in the form of bitcoin.
"Colonial Pipeline is critical to the economic and national security of our nation," a company spokesperson told SecurityWeek.
"When we were attacked on May 7, a decision was quickly made to take our entire system offline. We needed to do everything in our power to restart the system quickly and safely. The decision was made to pay the ransom. This decision was not made lightly one that had to be made. Tens of millions of Americans rely on Colonial - hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public. Our focus remains on continued operations to safely deliver refined products to communities we serve."
The Colonial Pipeline CEO told the WSJ that making the ransom payment was "The right thing to do for the country."
The U.S. Federal Bureau of Investigation and law enforcement agencies typically advise against ransom payments to cybercriminals, especially since some payments may be subject to international sanctions violations.
Even U.S. government organizations have been known to pay significant amounts of money to cybercriminals following ransomware attacks.
News URL
Related news
- Ransomware group maturity should influence ransom payment decision (source)
- Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! (source)
- Ransomware payments drop to record low of 28% in Q1 2024 (source)
- Ransomware negotiator weighs in on the extortion payment debate with El Reg (source)