US authorities recover most of the ransom in the Colonial Pipeline case

Washington: Authorities in the US on Monday managed to recover most of the $4.4m (£3.1m) ransom paid to a cyber-criminal gang responsible for taking the Colonial Pipeline offline last month.

American officials suspect that DarkSide, which they say operates from eastern Europe and possibly Russia, infiltrated the pipeline last month.

The unprecedented attack forced Colonial Pipeline to take itself offline on Friday 7 May. Supplies were disrupted for several days, causing fuel shortages, as the pipeline carries 45% of the East Coast’s supply of diesel, petrol and jet fuel.

On Monday, Deputy Attorney-General Lisa Monaco said investigators had “found and recaptured” 63.7 Bitcoin worth $2.3m – “the majority” of the ransom paid.

The US government has recommended in the past that companies not pay criminals over ransomware attacks, in case doing so invites further hacks in the future.

It has since urged companies to increase security measures against ransomware attacks like this. Commerce secretary Gina Raimondo said on Sunday that President Biden would raise the issue of such attacks with Russian leader Vladimir Putin in a meeting planned this month.