The US government has recovered much of the ransom paid after the cyber attack on oil pipeline company Colonial Pipeline.
The FBI found 63.7 bitcoins, which are worth about 1.7 million euros today. The unprecedented cyber attack forced Colonial Pipeline to shut down its network and endangered the fuel supply of large parts of the US.
The US Justice Department “found and recovered most” of the ransom paid by Colonial Pipeline, Deputy Attorney General Lisa Monaco said at a news conference. That amounts to 63.7 bitcoins!
At the time of the hack, bitcoin was worth a lot more. The company paid the cybercriminals nearly $5 million.
The FBI was able to recover the bitcoins because it is in possession of the “private key” (the password) to open the hackers’ bitcoin wallet. How the FBI got that password is not clear.
The Colonial Pipeline cyber attack was one of the largest and most disruptive in American history. Colonial is the largest operator of a network of strategic oil pipelines in the US. The company transports oil and gasoline on the US East Coast via a network of 9,000 kilometres of pipelines.
The network carries nearly half of the fuel used on the US East Coast by more than 50 million people. The military is also an important customer, and the pipeline supplies kerosene to airports, including Atlanta airport, one of the busiest in the world.
Due to the cyber attack, the company no longer had access to its IT systems and the entire network of pipelines was shut down for security reasons. That lasted almost a week until the company paid the cybercriminals the ransom.
“Today, we turned the tables on DarkSide,” Monaco said, referring to the ransomware group suspected of being behind the attack.