
US recovers ransom payment made to pipeline hackers

The US Justice Department says it has recovered more than half of the $4.4 million paid by Colonial Pipeline to Russia-based ransomware extortionists DarkSide, who had forced the shutdown of a major US fuel network.

Deputy US Attorney General Lisa Monaco announces the recovery of millions of dollars worth of cryptocurrency from the Colonial Pipeline Co. ransomware attacks, Justice Department in Washington, US, June 7, 2021. (Reuters)

The US Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the operator of the nation's largest fuel pipeline to halt its operations last month, officials said.

The operation to recover the cryptocurrency from the Russia-based hacker group is the first undertaken by a specialised ransomware task force created by the Biden administration Justice Department, and reflects what US officials say is an increasingly aggressive approach to deal with a ransomware threat that in the last month has targeted critical industries around the world.

"By going after an entire ecosystem that fuels ransomware and digital currency, we will continue to use all of our tools and all of our resources to increase the costs and the consequences of ransomware attacks and other cyber-enabled attacks," Deputy Attorney General Lisa Monaco said Monday at a news conference announcing the operation.

Georgia-based Colonial Pipeline, which supplies roughly half the fuel consumed on the East Coast, temporarily shut down its operations on May 7 after a gang of criminal hackers known as DarkSide broke into its computer system.

'Extortionists will never see this money'

Colonial officials have said they took their pipeline system offline before the attack could spread to its operating system, and decided to pay a roughly $4.4 million ransom in hopes of bringing itself back online as soon as it could.

The 63.7 bitcoin ransom — a favoured currency of hackers because of the perception that it is more difficult to trace — is currently valued at $2.3 million.

"The extortionists will never see this money," said Stephanie Hinds, the acting US attorney for the Northern District of California, where the seizure warrant was filed.

The FBI generally discourages the payment of ransom, fearing it could encourage additional hacks. Monaco said the takeaway for the private sector is that if companies come quickly to law enforcement, officials may be able to conduct similar seizures in the future.
