The United States Department of Justice announced on Monday that it has recovered more than two million dollars in cryptocurrency paid as a ransom to Russian cybercriminals who hijacked the computer data of Colonial, one of the largest oil pipelines in the United States. The company was forced, on May 8, to suspend its operations, which created serious supply problems, as it transports 2.5 million barrels a day to the south and east of the country, including the New York metropolitan region. “Today we have returned the game to DarkSide”, declared the Justice Department's number two, Lisa Monaco, after announcing the recovery this Monday afternoon. “The Justice Department has found and recovered most of the bailout” that the pipeline network suffered last month, Monaco concluded.
The seizure of the money paid by Colonial to a Russian cybercriminal network, DarkSide, marks the first time that a ransom imposed on a company through a computer attack has been recovered, and it was made possible by a special unit of the Department of Justice. Deputy Attorney General Monaco said at a press conference in Washington that the seizure of part of the ransom was carried out by this new Department of Justice task force, which was created to fight “digital blackmail” and ransomware attacks. “This is the first operation of its kind by the working group,” she said.
After the attack on Colonial, the FBI confirmed that DarkSide was responsible for the data hijacking that compromised the Colonial pipeline network. “We continue to work on the investigation with the company and our partners in government,” concluded the FBI. The White House, Homeland Security, the Department of Justice, Defense, the Department of Transportation and the Department of Energy worked together so that the supply interruption was as short as possible.
Colonial CEO Joseph Blount said last month, in an interview with The Wall Street Journal, that a ransom of $4.4 million was paid, since it was not known exactly how far the cybercriminals had intruded into the company's data or how long it would take the company to resume its supply. In the words of Blount to the financial newspaper: “I know that the decision has been very controversial, but it was what had to be done on behalf of the country.”
The Department of Justice team has reported that its agents have recovered about 64 bitcoins, worth the equivalent of 2.3 million dollars. After the complete shutdown of Colonial's operations for six days, the president of the United States, Joe Biden, signed an executive order to strengthen cybersecurity. The supply stoppage meant that more than 10,000 service stations ran out of fuel and raised fuel prices to levels not seen in the last six years.
The pipeline, which runs more than 8,850 kilometers between Texas and New York, carries the equivalent of 2.5 million barrels of gasoline, diesel and jet fuel each day, representing 45% of the entire East Coast supply. The last time Colonial’s pipeline network had been affected by a stoppage was during Hurricane Harvey, which hit the Gulf of Mexico in 2017.
Washington has long viewed with concern the possibility that countries such as China and Russia could use cyberattacks against basic infrastructure to hit the economy, while undermining the credibility of the world’s leading superpower. The previous massive hack, known as SolarWinds and already with Biden in the White House, compromised thousands of US government computer networks and pushed the White House to adopt tough sanctions against Russia, to which it attributed the attack.