The Colonial Pipeline has begun operating normally again after paying a $5 million ransom in crypto to bad actors who digitally hijacked the pipeline’s controls.
The attack was carried out last week by the hacker group DarkSide. The firm that owns the pipeline initially said that it would not pay hackers.
Crypto ransomsware halts pipeline
However, the pressure to keep fuel going across the Eastern Seaboard forced officials to make the payment, according to sources who spoke to Bloomberg. Ransom payments are generally discouraged by the country’s top law enforcement agencies.
The crypto payment was made hours after the attack, concluding with the hackers providing a decrypting tool to reenable the network. The FBI has said that these hackers are linked to a group called DarkSide, which is likely located in Russia or Eastern Europe.
Ondrej Krehel, chief executive officer and founder of digital forensics firm LIFARS, said that the company had no choice but to make the payment. He even said that $5 million was a relatively small sum,
“Ransom is usually around $25 million to $35 million for such a company. I think the threat actor realized they stepped on the wrong company and triggered a massive government response.”
There hasn’t been too much in the way of updates since the ransom was paid, but it’s likely that the group will offer an update soon enough, if past behavior is anything to go by.
DarkSide — the wannabe Robin Hood?
DarkSide has created quite a stir within the cybersecurity world — not simply for its sophisticated operations but also for its behavior after the attack. The group said that it wants to “make the world a better place.” Such moral dilemmas are proving to be difficult, with U.S. officials also torn over what to do.
To that end, DarkSide has sometimes donated some of the stolen crypto funds to charity. This includes donations to two organizations in October 2020. One of these donations was made to Children International, who later said that it would not keep the tainted funds.
The group prefers to target large companies, rendering them non-operative until the ransom is paid. It’s gone so far as to state why it thinks it’s fair to donate to charity,
“We think that it’s fair that some of the money the companies have paid will go to charity. No matter how bad you think our work is, we are pleased to know that we helped changed someone’s life. Today we sended (sic) the first donations.”
The decision to donate to charity has perplexed law enforcement, experts, and victims, as it’s not a common act. One of those attempting to handle these donations is The Giving Block, a crypto platform focused on offering donations to various charities. All the while, more crypto-based donations are being made than ever before.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.