Colonial Pipeline CEO defends ransom payment to hackers

0
11

[ad_1]

WASHINGTON — Colonial Pipeline CEO Joseph Blount stood by his decision to pay a massive ransom to Russian hackers who shut down the fuel line last month, telling a Senate committee it was in the best interest of the country.

“The attack forced us to make difficult choices in real time that no company ever wants to face,” he told members of the Senate Committee on Homeland Security and Governmental Affairs.

“I know how critical our pipeline is to the country, and I put the interest of the country first,” he added. “I kept the information closely held because we were concerned about operational safety and security, and we wanted to stay focused on getting the pipeline back up and running. I believe with all my heart it was the right choice to make.”

On May 7, Colonial — which is responsible for transporting almost half of the gasoline on the Eastern Seaboard — paid the Russia-based hacker group DarkSide 75 bitcoins, which was worth roughly $4.3 million at the time.

Colonial Pipeline CEO Joseph Blount
Colonial Pipeline CEO Joseph Blount supported his company’s decision to cough up 75 bitcoins to Russian hacker group DarkSide.
Pool/Getty Images

“Darkside demanded a financial payment in exchange for a key to unlock the impacted systems,” Blount said. “We had cyber defenses in place, but the unfortunate reality is that those defenses were compromised.”

Blount said the decision to pay up to get a cyber key to restart the pipeline — despite FBI warnings to not pay ransoms — was the “hardest decision” he’s had to make during his career. But he doesn’t regret it.

Drivers line up for miles by gas stations amid a gasoline shortage from the Colonial Pipeline shutdown in Alexandria, Virginia on May 12, 2021.
Drivers line up for miles by gas stations amid a gasoline shortage from the Colonial Pipeline shutdown in Alexandria, Virginia on May 12, 2021.
EPA

“But I am proud of the way our people reacted quickly to isolate and contain the attack, so that we could get the pipeline back up and running safely. I’m also very grateful for the immediate and sustained support of law enforcement and federal authorities, including the White House,” he said.

The Department of Justice announced on Monday that it was able to recover nearly half of the ransom paid to the hacking group, but the company will still take a financial hit since the value of bitcoins has dropped since May.

Deputy US Attorney General Lisa Monaco
Deputy US Attorney General Lisa Monaco announced millions of dollars worth of cryptocurrency were recovered from Colonial Pipeline’s ransomware attacks during a news conference at the Justice Department in Washington, DC on June 7, 2021.
POOL/AFP via Getty Images

Blount said Colonial worked “quietly and quickly worked with the law enforcement,” which he credits for the recovery of a portion of the funds.

Blount apologized for the impact the hack has on the country, which led to gas shortages and a sharp uptick in gas prices.

Colonial Pipeline's Linden Junction Tank Farm in Woodbridge, NJ.
Colonial Pipeline’s Linden Junction Tank Farm in Woodbridge, NJ.
Getty Images

The hackers managed to breach the company’s system due to the lack of multi-factor authentication, but Blout vowed that stronger security measures would be put in place.

“It was a complicated password, I want to be clear on that, it was not a ‘colonial123’ type password,” he said.

A Colonial Pipeline facility in Austell, Georgia.
A Colonial Pipeline facility in Austell, Georgia.
EPA

“We are deeply sorry for the impact that this attack had, but are heartened by the resilience of our country and of our company.”

[ad_2]

Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here