Colonial Pipeline CEO Says Paying Ransom Was 'Right Thing To Do For Country'

By Paloma Green On 5/19/21 at 3:02 PM EDT

Joseph Blount, Colonial Pipeline CEO, told the Wall Street Journal on Wednesday that paying $4.4 million to ransomware attackers was "the right thing to do for the country," as the company didn't know the full extent of the attack on the pipeline system that is responsible for delivering 45% of the East Coast's gasoline.

Blount said that Colonial Pipeline consulted with experts who were familiar with Darkside, the group who attacked the pipeline, prior to paying the ransom. The FBI does not recommend that victims of ransomware attacks pay off the attackers as it may encourage further attacks.

"I know that's a highly controversial decision," Blount said to the Wall Street Journal. "I didn't make it lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this."

A Colonial Pipeline storage site in Charlotte, North Carolina on May 12, 2021. - Fears that the shutdown of the Colonial Pipeline because of a cyberattack would cause a gasoline shortage led to some panic buying and prompted US regulators on May 11, 2021 to temporarily suspend clean fuel requirements in three eastern states and the nation's capital. LOGAN CYRUS/AFP via Getty Images

For more reporting by the Associated Press see below.

Many victims of ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay.

Multiple sources had confirmed to The Associated Press that Colonial Pipeline had paid the criminals who committed the cyberattack a ransom of nearly $5 million in cryptocurrency for the software decryption key required to unscramble their data network.

A ransom payment of 75 Bitcoin was paid the day after the criminals locked up Colonial's corporate network, according to Tom Robinson, co-founder of the cryptocurrency-tracking firm Elliptic. Prior to Robinson's blog post, two people briefed on the case had confirmed the payment amount to AP.

Blount told the Journal the attack was discovered around 5:30 a.m. on May 7. It took Colonial about an hour to shut down the pipeline, which has 260 delivery points across 13 states and Washington, D.C., Blount said. That helped prevent the infection from potentially migrating to the pipeline's operational controls.

Colonial, which is based in Alpharetta, Georgia, halted fuel supplies for nearly a week. That led to panic-buying and shortages at gas stations from Washington, D.C. to Florida.

Colonial restarted its pipeline a week ago, but it took time to resume a full delivery schedule, and the panic-buying led to gasoline shortages. More than 9,500 gas stations were out of fuel on Wednesday, including half of the gas stations in D.C. and 40% of stations in North Carolina, according to Gasbuddy.com, which tracks fuel prices and station outages.

Entrance of Colonial Pipeline — Tanker trucks are parked near the entrance of Colonial Pipeline Company Wednesday, May 12, 2021, in Charlotte, N.C. The operator of the nation’s largest fuel pipeline has confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. That's according to a report from the Wall Street Journal. Colonial Pipeline’s CEO Joseph Blount told the Journal that he authorized the payment after the ransomware attack because the company didn’t know the extent of the damage. Chris Carlson/AP Photo