After the hacker attack on the largest gasoline pipeline in the USA, investigators recovered the majority of a ransom payment in the digital currency Bitcoin. The US Department of Justice announced on Monday that 63.7 Bitcoin, currently valued at around 2.3 million US dollars, had been seized. The FBI was able to identify a digital wallet that hackers allegedly used to collect a payment from the company concerned, said the agency’s deputy director Paul Abbate.
The company Colonial Pipeline announced in early May that it had been the victim of a hacker attack. As a result, the pipeline, through which about 45 percent of all fuel consumed on the US east coast runs, was temporarily completely shut down. There were petrol shortages in parts of the country. The capital Washington was particularly hard hit, where at times 88 percent of the gas stations ran out of fuel. “It was an attack on one of our most important national infrastructures,” said Justice State Secretary Lisa Monaco.
Suspected hackers from Russia
The US government suspects that hackers from the DarkSide group from Russia are behind the crime. Both US authorities and IT security experts strongly advise companies not to pay ransom so as not to incentivize cyber criminals to blackmail them. But the pipeline operator paid, as company boss Joseph Blount admitted in the “Wall Street Journal” at the end of May. He authorized a payment of $4.4 million. Blount explained the controversial decision by saying that the company was unsure about the extent of the system damage caused.
According to the US Department of Justice, Colonial Pipeline had quickly notified the FBI that DarkSide had broken into the computer network and the company had paid the requested ransom of 75 Bitcoin. In so-called ransomware attacks, data on computers is encrypted – and the attackers usually demand a ransom for the release.
This is the first time that a unit of the ministry set up specifically to combat ransomware and digital extortion has seized ransom money. “Ransom payments are the fuel that fuels the engine of digital extortion,” said Monaco. The seizure shows that the US will proceed “with all available means” to “make such attacks less profitable for criminal companies”.
Colonial chief Blount praised the work of the FBI investigators in a statement. He also said the private sector needs to take cyber threats seriously and invest to better defend against them.
“Ransomware attacks have grown in scope and sophistication over the past year, targeting our critical infrastructure, businesses of all types, entire cities and even law enforcement agencies,” said Monaco. “Ransomware and digital extortion pose a threat to national and economic security in the United States.”
Just a few weeks after the attack on the gasoline pipeline, the world’s largest meat company JBS was hit by a massive cyber attack. Large parts of production in North America and Australia were paralyzed.