[ad_1]
United States investigators recovered millions of dollars of cryptocurrency paid to Russian ransomware hackers in the Colonial Pipeline cyber attack, the Justice Department revealed on Monday.
“The Department of Justice has found and recaptured the majority of ransom Colonial paid to the DarkSide network in the wake of the ransomware attack,” said Lisa Monaco, the US deputy attorney general, during a press conference.
“Today we turned the tables on DarkSide,” Ms Monaco added.
The recovery of a ransom paid by a company who had fallen under a cyberattack to hackers was a rare occurrence.
Last month, Colonial Pipeline CEO Joseph Blount revealed in an interview with The Wall Street Journal that his company paid $4.4m in ransom in Bitcoin to DarkSide, a ransomware hacker group based in Russia, after it suffered the cyberattack.
Typically a ransomware attack involves hackers locking up computer systems by encrypting data and paralysing networks before asking for a large ransom from the targeted company to unscramble it.
The FBI has long advised companies against paying a ransom when hit by a ransomware attack, as paying the hackers gives them more incentive to target other organisations.
“The FBI does not support paying a ransom in response to a ransomware attack,” the FBI states on its website. “It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”
But Mr Blount defended the highly controversial decision to pay the ransom given how the company’s 5,500-mile long pipeline, which runs between Texas and New Jersey, was a vital part of the United States’ fuel industry.
“It was the right thing to do for the country,” Mr Blout said at the time. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
More follows …
[ad_2]
Source link