Its very interesting how stories like this one come about. Krebs on Security gives us this one, and I found it quite interesting how this happens.
Usually we hear that the money is gone, the ransom is paid, and that is the end of it.
On May 7, the DarkSide ransomware gang sprang its attack against Colonial, which ultimately paid 75 Bitcoin (~$4.4 million) to its tormentors. The company said the attackers only hit its business IT networks — not its pipeline security and safety systems — but that it shut the pipeline down anyway as a precaution [several publications noted Colonial shut down its pipeline because its billing system was impacted, and it had no way to get paid].
So we’re learning that the business side was affected, not the pipeline side which is great news! I know it must have been a hard decision to shut down the pipeline as a precaution becuase you didn’t know how far this attack could go.
There’s plenty more from Brian, so please read the article Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang for complete details.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.