Daily US Times: The United States has recovered most of the $4.4 million ransom paid to a cyber-criminal group responsible for taking the Colonial Pipeline offline last month.
DarkSide – which US officials said possibly operates from Russia – infiltrated the Colonial pipeline last month.
The attack disrupted supplies in several US states for several days, causing fuel shortages.
The Colonial pipeline carries 45% of the East Coast’s supply of diesel, petrol and jet fuel, according to the firm.
Deputy Attorney-General Lisa Monaco said on Monday that investigators had “found and recaptured” 63.7 Bitcoin worth $2.3m – “the majority” of the ransom paid.
In the past, the US government has recommended that companies do not pay criminals over ransomware attacks, in case they invite further hacks in the future.
The government has since urged companies to increase security measures against ransomware attacks like this. On Sunday, commerce secretary Gina Raimondo said that President Joe Biden would raise the issue of such attacks with Russian leader Vladimir Putin in a meeting planned this month.
After the cyber-attack, Colonial Pipeline took itself offline on Friday 7 May.
Colonial Pipeline’s chief executive Joseph Blount said in a statement that his firm was grateful for the “swift work and professionalism” of the FBI, which helped to recover the ransom.
He added: “Holding cyber criminals accountable and disrupting the ecosystem that allows them to operate is the best way to deter and defend against future attacks.”