Colonial Pipeline is the largest oil pipeline operator in the United States. The company's pipeline is a key artery for gasoline, diesel and aviation kerosene, which are produced by refineries on the US Gulf Coast and delivered to large metropolitan areas between Atlanta and New York.
History
2021
The arrest in Russia of a hacker allegedly involved in an attack on the company's systems
One of the hackers arrested in Russia in January 2022 at the request of the United States was allegedly involved in the attack on Colonial Pipeline, the largest US oil pipeline system, the US administration said.
The State Department announced a reward of $10 million for information about the hackers who attacked Colonial Pipeline
In early November 2021, the US Department of State offered a reward of up to $10 million for information about a hacker group known as DarkSide. The group is credited with a cyber attack on a vital fuel pipeline, 8.8 thousand km long, on the east coast of the United States.
The FBI returned 63 bitcoins out of 75 paid to hackers
In June 2021, it became known that American investigators had recovered millions of dollars in cryptocurrency paid as a ransom to hackers whose attack led to the shutdown of the key Colonial Pipeline system the previous month.
The court document says that the government was able to recover 63.7 of the 75 bitcoins paid as a ransom, the original value of which was $4.3 million.
Federal agencies are able to track the currency used in such payments, although the government's ability to do so effectively in response to a ransomware attack is "situationally dependent."
However, the company took early steps to notify the FBI and followed instructions that helped investigators trace the payment to the cryptocurrency wallet used by the hackers.
By means that were not disclosed, the FBI intercepted the virtual wallet used by the hacker group DarkSide. This was stated by the first deputy director of the Federal Bureau of Investigation, Paul Abbate.
"We found a virtual wallet with cryptocurrency, which individuals from DarkSide used to receive funds from the victim. Using the powers of law enforcement agencies, we confiscated the funds belonging to the victim and did not allow individuals from DarkSide to use them," Abbate said at a press conference.
The fact that investigators "were able to track the untraceable and seize it possibly undermines the libertarian version of freedom from state control," said Jeffrey Halley, senior market analyst at Oanda. The consequences of this could provoke Bitcoin sales. Against the backdrop of the news, the exchange rate fell by 10% in a day.
Payment of ransom to hackers for data decryption
In May 2021, Colonial Pipeline Co. paid nearly $5 million to hackers, contradicting earlier reports that the company did not intend to pay an extortion fee to help restore the country's largest fuel pipeline.
According to sources, the company paid the large ransom in untraceable cryptocurrency within a few hours of the attack.
Having received payment, the hackers provided the operator with a decryption tool to restore its disabled computer network. The tool worked so slowly that the company continued to use its own backups to restore the system.
The head of the US Department of Energy, Jennifer Granholm, said that the restart of the Colonial Pipeline system was successful and that its operation was returning to normal.
Ransomware cyber attack halts pipeline operation
In May 2021, Colonial Pipeline announced that the company had been subjected to a cyber attack. Some systems were "proactively" taken offline and, for the time being, "all operations are stopped."
Because the attack was carried out using ransomware, the company was forced to shut down part of its systems.