Colonial Pipeline’s CEO, Joseph Blount, confirmed Wednesday that the firm paid $4.4 million to ransomware attackers because executives were not sure how badly they affected the companies’ systems or how long it would take to re-start the pipeline.
“I know that’s a highly controversial decision,” he told the Wall Street Journal. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
Some, including the FBI, have argued that the firm should not have paid the ransomware group because it would only embolden them to commit similar attacks. Ransomware is a type of malicious software that essentially takes computer systems hostage and demands payment to have the files unlocked.
“But it was the right thing to do for the country,” Blount said, adding that the pipeline has never been shut down since it was constructed. Colonial has stressed that the operational systems controlling pipeline infrastructure were not directly impacted by the attack.
Despite the pipeline having returned to normal operations, Blount said that it will take months of restoration work and millions of dollars to recover some systems that were impacted during the hack.
“We were perfectly happy having no one know who Colonial Pipeline was, and unfortunately that’s not the case anymore,” he said. “Everybody in the world knows.”
This week, Colonial confirmed to media outlets that some of its scheduling systems were down, but it stressed that it wasn’t related to the breach. In a statement to the Epoch Times on Tuesday night, a spokesperson for the firm said they were operational again.
The FBI said that the DarkSide group, which may be based in Russia and Eastern Europe, was behind the breach. President Joe Biden last week said that intelligence suggests the Kremlin wasn’t involved in the attack, although he said the Russian government bears some responsibility in dealing with criminal gangs.
DarkSide, which said in a statement last week that it is disbanding, also claimed to be apolitical and only wanted to “make money.”
The breach shut down the 5,500 mile-long network of pipelines for several days, triggering fuel shortages and panic-buying in some East Coast states.
The incident also placed renewed focus on the Biden administration’s order to shut down the construction of the Keystone XL Pipeline, which would span from the Gulf Coast to Canada, due to his focus on promoting alternative energy sources. About 20 GOP attorneys general, in a letter to the White House this week, implored Biden to restart the Keystone Pipeline in the wake of the ransomware attack.