Colonial Pipeline CEO Joseph Blount told the Wall Street Journal that he knew his decision to pay cyberattackers $4.4. million was “highly controversial” but thought it necessary for the pipeline company that says it provides nearly half of all fuel consumed on the East Coast.
“I didn’t make it lightly,” Mr. Blount said of his decision. “I will admit that I wasn’t comfortable seeing money go out the door to people like this. … But it was the right thing to do for the country.”
Cyberattackers hit Colonial Pipeline with ransomware, which is malicious software that holds data and systems hostage until victims pay to regain access.
The company has said it proactively shut down its pipeline after discovering the cyberattack, which led to gas lines and fuel shortages across the eastern United States.
According to federal officials, the cyberattackers hit the company’s information technology network. The U.S. government has attributed the cyber breach to DarkSide, a ransomware family believed to be based in Russia that has since been observed to be disbanding.
In a joint cybersecurity advisory on May 11, the federal government warned those hit with ransomware against paying up.
According to the Journal, Colonial paid its ransom on May 7, the same day that the company said it first learned of the cyberattack on its systems.