Flags fly in front of a Colonial Pipeline Co. storage tank at a facility in the Port of Baltimore in Baltimore, Maryland, U.S., on Tuesday, May 11, 2021.
Samuel Corum | Bloomberg | Getty Images
WASHINGTON – The Colonial Pipeline Co. paid a ransom to hackers after it fell victim to a cyberattack a source familiar with the situation tells CNBC.
It was not immediately clear how much and when the company paid the ransom. Colonial Pipeline did not immediately respond to CNBC’s request for comment.
Earlier on Thursday, President Joe Biden declined to comment on if Colonial Pipeline paid the ransom.
The assault, carried out by the criminal cyber group known as DarkSide, forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the nation’s East Coast fuel supply. Ransomware attacks involve malware that encrypts files on a device or network that results in the system becoming inoperable. Criminals behind these types of cyberattacks typically demand a ransom in exchange for the release of data.
On Monday, White House national security officials described the attack as financially motivated in nature but would not say if Colonial Pipeline agreed to pay the ransom.
“Typically that’s a private sector decision,” Anne Neuberger, deputy national security advisor for cyber and emerging technologies, told reporters at the White House when asked about the ransom payment.
“We recognize that victims of cyberattacks often face a very difficult situation and they have to just balance often the cost-benefit when they have no choice with regards to paying a ransom. Colonial is a private company and we’ll defer information regarding their decision on paying a ransom to them,” Neuberger said.
Deputy National Security Advisor for Cyber & Emerging Technologies Anne Neuberg speaks about the Colonial Pipeline outage following a cyber attack during the daily press briefing at the White House in Washington, U.S., May 10, 2021.
Kevin Lemarque | Reuters
She added that the FBI has previously warned victims of ransomware attacks that paying a ransom could encourage further malicious activity.
On Wednesday, Colonial Pipeline said in an evening statement that it had restored its operations after the entire system was kicked offline from the ransomware attack.
“Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period. Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal,” the company added.
This is breaking news. Please check back for updates.