One thing you're never supposed to do is pay a ransom. The Federal Bureau of Intelligence (FBI) has been advising companies against doing this for years when they're hit with a ransomware attack like Colonial Pipeline Co. was. According to the FBI, paying a ransom "doesn't guarantee you or your organization will get any data back" and it also "encourages perpetrators to target more victims."
But Colonial Pipeline CEO Joseph Blount made the decision to make the $4.4 million ransom payment the night the company learned of the attack because "executives were unsure how badly the cyberattack had breached its systems or how long it would take to bring the pipeline back," reports The Wall Street Journal.
Mr. Blount acknowledged publicly for the first time that the company had paid the ransom, saying it was an option he felt he had to exercise, given the stakes involved in a shutdown of such critical energy infrastructure. The Colonial Pipeline provides roughly 45% of the fuel for the East Coast, according to the company.
“I know that’s a highly controversial decision,” Mr. Blount said in his first public remarks since the crippling hack. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
“But it was the right thing to do for the country,” he added. […]
Mr. Blount said Colonial paid the ransom in consultation with experts who had previously dealt with the criminal organization behind the attacks. He and others involved declined to detail who assisted in those negotiations. Colonial said it has cyber insurance, but declined to provide details on ransomware-related coverage. (WSJ)
Even after being given the decryption tool, the pipeline was shut down for six days, prompting shortages along the East Coast. And it will take months for some parts of its systems to return to normal, costing the company tens of millions. Another downside is the company's loss of anonymity.
"We were perfectly happy having no one know who Colonial Pipeline was, and unfortunately that’s not the case anymore," Blount told WSJ. "Everybody in the world knows."
