(Reuters) — Colonial Pipeline paid nearly $5 million to Eastern European hackers on Friday after a crippling cyberattack that shut the largest fuel pipeline network in the United States, Bloomberg News reported, citing two people familiar with the transaction.
The company paid the ransom in untraceable cryptocurrency within hours after the attack, according to the report.
Colonial Pipeline declined to comment.
Whether targets of such attacks should pay to regain control of their systems is a matter of fierce debate. Critics contend that paying ransom encourages attacks.
U.S. House of Representative Speaker Nancy Pelosi said on Thursday ransom should not be paid by companies that are the victims of cyber attacks.
The hackers provided Colonial Pipeline with a decrypting tool to restore its disabled computer network after they received the payment, but the company used its own backups to help restore the system since the tool was slow, Bloomberg News reported.
After a six-day outage, the top U.S. fuel pipeline, which carries 100 million gallons per day of gasoline, diesel and jet fuel, moved some of the first millions of gallons of motor fuels on Thursday.
The shutdown caused gasoline shortages and emergency declarations from Virginia to Florida, led two refineries to curb production and had airlines reshuffling some refueling operations.
The FBI earlier this week accused a shadowy criminal gang called DarkSide for the ransomware attack. The group has not directly taken credit, but on Wednesday it claimed to have breached systems at three other companies.
A terse news release posted to DarkSide’s website did not directly mention Colonial Pipeline but, under the heading “About the latest news,” it noted that “our goal is to make money, and not creating problems for society”.
The White House declined to weigh in on Monday whether companies that are hacked such as Colonial Pipeline should pay ransom to their attackers, but a national security official said it may offer some advice in the future.
© 2021 Thomson Reuters.