US has recovered a majority of the ransom payment made after the pipeline hack

WASHINGTON (AP) — The Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month.

“The Department of Justice has found and recaptured the majority of the ransom Colonial paid to the DarkSide Network in the wake of last month’s ransomware attack,” said Deputy Attorney General Lisa Monaco during a press conference Monday.

The operation to recover the cryptocurrency from the Russia-based hacker group is the first undertaken by a specialized ransomware task force created by the Biden administration Justice Department.

Georgia-based Colonial Pipeline, which supplies roughly half the fuel consumed on the East Coast, temporarily shut down its operations on May 7 after a gang of criminal hackers known as DarkSide broke into its computer system.

The DOJ says DarkSide is a ransomware-as-a-service network, meaning it sells or leases ransomware to use in attacks in return for a fee or share in the proceeds.

“DarkSide and its affiliates have digitally stalked U.S. companies for the better part of the year, and indiscriminately attacked victims that include key players in our nation’s critical infrastructure,” said Monaco. “Today, we turned the tables on DarkSide.”

When Colonial Pipeline was forced to shut down its operations, there was a major run on gas as Americans in the Southeast feared price surges and shortages.