Daily US Times: Colonial Pipeline has confirmed it paid a $4.4 million ransom to the cyber-criminal gang responsible for taking the US fuel pipeline offline.
Its boss told the Wall Street Journal newspaper that he authorised the payment on 7 May because of uncertainty over how long the shutdown would continue.
In his first interview since the hack, Joseph Blount said: “I know that’s a highly controversial decision.”
The 5,500-mile pipeline carries 2.5 million barrels a day.
According to the company, it carries 45% of the US East Coast’s supply of petrol, diesel and jet fuel.
Chief executive Mr Blount told the WSJ that the company decided to pay the ransom after discussions with experts who had previously dealt with DarkSide, the criminal organisation behind the attack.
He said: “I didn’t make [that decision] lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this. But it was the right thing to do for the country.”
In the past, the US government has recommended in the past that companies do not pay criminals over ransomware attacks, in case they invite further attacks in the future.
Colonial Pipeline took itself offline on 7 May after the cyber-attack.
In return for the Bitcoin payment, Colonial Pipeline received a decryption tool so it could unlock the systems compromised by the hackers – although that was not enough to restart systems immediately.
Operations started to resume on the pipeline last week, although petrol shortages seen across states such as Georgia and North Carolina have persisted, according to data tracking firm Gas Buddy.