U.S. Recovers Millions Of Dollars Of Bitcoin Paid To Hackers To Free Up Critical Pipeline

This recovery is the first by a new group within the Biden Administration’s Justice Department that focuses on ransomware attacks, which officials recognize as a growing threat.

Deputy U.S. Attorney General Lisa Monaco speaks at a press conference with FBI Deputy Director Paul Abbate and Acting U.S. Attorney for the Northern District of California Stephanie Hinds on June 7, 2021 at the Justice Department in Washington, D.C. The DOJ announced the recovery of millions of dollars worth of cryptocurrency from the Colonial Pipeline Co. ransomware attacks. | Getty Images

The Department of Justice has recovered the majority of a multimillion-dollar ransom payment sent to hackers in the form of Bitcoin after cybercriminals infiltrated Colonial Pipeline’s operating systems and brought a major fuel line in the country to a halt last month.

The DOJ said in a statement on Monday that it had seized 63.7 bitcoins, or nearly $2.3 million, from a Russian hacker group known as DarkSide.

Colonial Pipeline revealed that it paid hackers about $4.4 million worth of cryptocurrency on May 8 to resume operations of its pipelines. The value of Bitcoin has dropped since then.

The hackers were able to get into Colonial Pipeline’s networks and left the company unable to operate its largest line on the East Coast, which led to a fuel shortage across large parts of the country.

“Cyber criminals are employing ever more elaborate schemes to convert technology into tools of digital extortion,” Acting U.S. Attorney for the Northern District of California Stephanie Hinds said in a statement. “We need to continue improving the cyber resiliency of our critical infrastructure across the nation.”

The DOJ said that law enforcement was able to track the transfers of Bitcoins that matched what Colonial Pipeline had paid.

“Following the money remains one of the most basic, yet powerful tools we have,” Deputy Attorney General for the Department of Justice Lisa Monaco said in a statement. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises.”

The FBI confirmed last month that DarkSide was responsible for attacking Colonial Pipeline’s business operations with ransomware. In such attacks, a victim’s files are encrypted until the victim pays a ransom. Hackers tend to demand cryptocurrency as payment because it is more difficult to track than traditional currencies.

Colonial Pipeline’s President and CEO said he’s committed to helping other companies be better prepared for a cyber attack.

“Our goal is to help our peers in the critical infrastructure space strengthen their cyber defenses and to collaborate across industry so that we can thwart these types of attacks before they happen,” Colonial Pipeline Company President and CEO Joseph Blount said in a statement.
