WASHINGTON—The pipeline company hit by a multimillion-dollar ransomware attack last month is still working to fully restore some of its computer systems, its chief executive told lawmakers Tuesday, as he defended his decision to pay hackers a ransom.
Joseph Blount
of Colonial Pipeline Co. confirmed that investigators believe Russia-based hackers broke into his company’s computer system by logging into an out-of-use virtual private network that lacked the routine requirement that the user provide a second method of identity verification, such as a code sent to a registered phone number. A virtual private network, or VPN, enables employees to access corporate networks remotely and can provide some security protections.
“We are deeply sorry for the impact that this attack had,” Mr. Blount told the Senate Homeland Security Committee. During the hearing, he faced sharp questions from Democrats and Republicans about Colonial Pipeline’s cybersecurity practices, his decision to pay the hackers more than $4 million in the cryptocurrency bitcoin and the company’s communication with federal authorities during the hack.
Mr. Blount sat before the Senate panel one month after the attack on the company’s business computer systems prompted Colonial Pipeline to shut down the 5,500-mile pipeline pumping gasoline, diesel, jet fuel and other refined products from the Gulf Coast to Linden, N.J. The six-day shutdown spurred a run on gasoline along parts of the East Coast that pushed prices to the highest levels in more than six years and left thousands of gas stations without fuel.
On Monday, the Justice Department said authorities had recovered roughly $2.3 million in digital currency paid to the hackers, a suspected Russian gang known as DarkSide. The attack has prompted senior Biden administration officials to warn that ransomware represents an elevated national security risk. President Biden is due to meet with Russian President
Vladimir Putin
next week and has said he intends to discuss ransomware attacks as a top area of concern.
Much of the hearing focused on Colonial’s decision to pay the hackers that seized its systems. Mr. Blount said the company initiated the payment on May 8, a day after the discovery of the hack. The Federal Bureau of Investigation officially discourages victims from paying ransoms because doing so can foster a booming criminal marketplace and often won’t lead to a restoration of systems.
“I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible,” Mr. Blount said. While the decryption keys the hackers provided in exchange for the payment were somewhat “advantageous,” they didn’t work perfectly and didn’t provide for an immediate restoration of the pipeline’s services, he said.
Digital extortion schemes now routinely tally into the tens of millions of dollars, according to U.S. officials and security companies that track ransomware.
SHARE YOUR THOUGHTS
Do you think it’s a good idea for companies to pay a ransom? Join the conversation below.
Senior U.S. officials have acknowledged that companies often have little choice but to pay steep ransoms, but some lawmakers have said in recent weeks they may be open to considering legislation that could make payments in some cases illegal, or requiring companies to disclose when they make a ransom payment to hackers.
Energy Secretary
Jennifer Granholm
said Sunday on NBC that she was supportive of a ban on ransomware payments, but added, “I don’t know whether Congress or the president is at that point.”
Sen. Rob Portman, the top Republican on the Senate committee, asked Mr. Blount whether certain cybersecurity requirements could be helpful for critical infrastructure operators. “Anything that can help industry have better security practices standards to follow would be extremely helpful,” Mr. Blount replied.
Write to Dustin Volz at [email protected]
Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
For all the latest Business News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
