Colonial Pipeline’s CEO on Wednesday acknowledged to the Wall Street Journal that his company paid a $4.4 million ransom to hackers as executives were unsure how badly its systems were breached or how long it would take to restore the pipeline.
The 5,500-mile (8,850-km) Colonial Pipeline Co system closed last week after one of the most disruptive cyberattacks on record, preventing millions of barrels of gasoline, diesel and jet fuel from flowing to the East Coast from the Gulf Coast.
Chief Executive Joseph Blount told the Journal he paid the extortion money for the greater good.
“I know that’s a highly controversial decision,” Blount was quoted as saying. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
Blount said the decision had been “the right thing to do for the country.”
The ransom payment, which was first reported by Bloomberg, illustrates the dilemma facing companies whose networks have been compromised by online extortionists.
On the one hand, companies can be completely paralyzed by hackers with potentially far-reaching consequences in cases like Colonial’s. On the other, paying ransoms effectively passes the problem forward, allowing cash-rich cybercriminals to move on to an increasing number of targets.
U.S. officials have struggled to discourage companies from paying.
“Typically that is a private-sector decision,” Anne Neuberger, U.S. deputy national security adviser for cyber, told reporters earlier this month.
Colonial Pipeline did not immediately return a message seeking further comment. The FBI did not immediately respond to an email. The hackers, alleged to be affiliated with the DarkSide cybercrime gang, have not returned repeated messages.
A source working with Colonial and the government on the hack response and private sector security sources briefed on the situation had told Reuters last week that Colonial was not planning to pay the ransom.