The CEO of Colonial Pipeline appeared before the Senate Homeland Security Committee on Tuesday to address the hacking of their pipeline on May 4th.
Joseph Blount, The Colonial Pipeline CEO, apologized for the company’s vulnerability to the ransomware attack that forced the company to shut down their pipeline, which supplies 45 percent of the fuel consumed on the East Coast. The ensuing panic affected customers from Texas to New York.
Senator Rob Portman (R-OH) wanted to know why the company paid the ransom to the hackers, who used the DarkSide ransomware variant. Describing the payment of 75 bitcoin, which at the time was approximately $4.4 million, Blunt said it was “one of the toughest decisions I have made in my life.” However, he said, they did it because “restoring crucial infrastructure as quickly as possible, in this situation, was the right thing to do for the country,” The Associated Press reports.
Blount also said that not paying the hackers would have led to “pandemonium” and that the consequences of not paying are “an unknown that we probably don’t want to play out in a public forum.”
The hearing took place one day after Deputy Attorney General Lisa Monaco announced that the new ransomware task force was able to rescue 36.7 of the 45 bitcoin that Colonial paid in ransom. Because of the drop in the cryptocurrency market, it is currently valued at approximately $2.3 million. Monaco said the newly created Department of Justice taskforce had “turned the tables on DarkSide.”
The hearing also focused on preventing attacks like this in the future. Committee Chairman Gary Peters (D-MI) said, “The next time an incident like this happens, unfortunately, it could be worse.” According to ABC News, he emphasized the need to “step up our cyber-security readiness” because the consequences of not doing so “will be severe.”
Sen. Peters to Colonial Pipeline CEO on ransomware attack: "I am alarmed that this breach ever occurred in the first place." https://t.co/dHvae6mHQw pic.twitter.com/UDZ4LPsegd
— ABC News Politics (@ABCPolitics) June 8, 2021
Blount agreed that the private sector must also act to beef up its own security. He said it must “continue to take cyber threats seriously and invest accordingly to harden our defenses.”
An administration official told The Washington Post that President Biden intends to bring this issue up at the G7 meeting next month in Great Britain. He said that the President also plans to “directly” address the issue with Russian President Vladimir Putin.
Photo courtesy: ©Getty Images/Pool
Scott Slayton writes at “One Degree to Another.”