Colonial Pipeline Reportedly Paid $5M Ransom to Free Data System
Source: The Street
Colonial Pipeline Co. reportedly paid Eastern European hackers almost $5 million in ransom on Friday to free up its data system, after it had shut its East Coast pipeline system.
Two knowledgeable sources provided the information to Bloomberg. Their account conflicted with reports earlier this week that the company wouldn't pay ransom to the hackers.
The payment was made in the form of untraceable cryptocurrency within hours after the attack, which had led Colonial to close its pipeline for safety, the sources said.
Once the hackers got their money, they gave Colonial a decrypting tool to restore its frozen computer network, the sources said. The tool acted slowly, so the company continued using its own backups to restore the system, one of the sources said.
Read more: https://www.msn.com/en-us/money/markets/colonial-pipeline-reportedly-paid-5m-ransom-to-free-data-system/ar-BB1gHvVG
Unlike the Trump administration, which tried to hide the hacks to the US infrastructure, Biden should treat this like a terrorist attack originating from the country of the hackers.
https://apnews.com/article/donald-trump-politics-mark-levin-coronavirus-pandemic-hacking-6080f156125a4a46edef2a6dcf826611
WASHINGTON (AP) Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China not Russia may be behind the cyber espionage operation against the United States and tried to minimize its impact.
In his first comments on the breach, Trump scoffed at the focus on the Kremlin and downplayed the intrusions, which the nations cybersecurity agency has warned posed a grave risk to government and private networks.
The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control, Trump tweeted. He also claimed the media are petrified of discussing the possibility that it may be China (it may!).
There is no evidence to suggest that is the case. Secretary of State Mike Pompeo said late Friday that Russia was pretty clearly behind the operation against the United States.
Deminpenn
(15,265 posts)code, I'm sure
PSPS
(13,576 posts)Deminpenn
(15,265 posts)where every bomb is unique, but there is a discernable signature.
PSPS
(13,576 posts)Miguelito Loveless
(4,451 posts)would be a reason to ban cryptocurrency.
TomCADem
(17,380 posts)...but I bet that if Biden supports, watch Republicans immediately jump on the side of terrorists again.
Miguelito Loveless
(4,451 posts)they give me all sorts of arguments that pretty much sound the same as the nonsense I get from gun advocates who tell me guns maintain "freedom" and "protect" us from tyrannical government.
DENVERPOPS
(8,785 posts)of ending all MONEY LAUNDERING by all the white collar mob......and tyrants around the world.....
AllyCat
(16,135 posts)And tyrants? It seems that it is just easier for them to launder money through virtual currency.
Warpy
(111,115 posts)especially the tyrants.
Cryptocurrency is how drug lords and other scum move their money around.
Oh, it started out high minded, defeat the man, increase privacy, blah blah blah. Now it's a pure Ponzi scheme being exploited by some Very Bad Men (TM).
I would love to see governments unite to ban these scams, uniting in this is what it will take since new ones keep popping up like poison mushrooms.
JohnSJ
(92,058 posts)1. Money laundering
2. Ponzi scheme
jmowreader
(50,524 posts)...also drug deals and paying ransom.
JohnSJ
(92,058 posts)melm00se
(4,984 posts)Not sure how you can undo that.
Miguelito Loveless
(4,451 posts)crypto can be exchanged for legal tender. Stop that, and the party is over. Also, treat any bank/business that facilitates crypto, or any person facilitating is engaged in money laundering.
The major purpose of crypto that I have seen is to facilitate crimes such as blackmail, extortion, money laundering, and tax evasion.
melm00se
(4,984 posts)you would have to prove that.
The state cannot assume that the possessor of cryptocurrency is going to break the law.
Additionally, all it takes is one state to allow the exchange of cryptocurrency for legal tender and the system breaks down.
Miguelito Loveless
(4,451 posts)so any state that decides it wants to exchange crypto can find itself cut off from the Federal banking system. A currency can't exist without gov't tolerance at least. I would subject crypto to the same reporting requirements as regular cash. Transactions over $10K must be explained and documented.
Cryptocurrency is a financial ghost gun. Sure it MIGHT have a legitimate use, but not in practice. It pretty much exists to facilitate crime.
ffr
(22,665 posts)That'll force the Dark Web scum that use it, to run back to cash.
ProudMNDemocrat
(16,686 posts)FailureToCommunicate
(14,005 posts)will reap more than enough to cover the ransom, AND still claim they have to have the rest of us pay for their lax, hackable systems.
PSPS
(13,576 posts)The owner of the "wallet" can be identified and the funds can be frozen and clawed back.
getagrip_already
(14,602 posts)Guess which they tell you to use?
PSPS
(13,576 posts)It's just not talked about very often for obvious reasons but it is mentioned in several indictments I've read.
Warpy
(111,115 posts)so I think by now they've managed to crack Bitcoin, which is how the scammers have been traced to China.
PSPS
(13,576 posts)Warpy
(111,115 posts)It was likely premature.
getagrip_already
(14,602 posts)getagrip_already
(14,602 posts)Not all use standard blockchain and go to great lengths to obscure traceability.
Ever hear of Monero, Zcash, Komodo, or Horizen?
Not your daddies block chain.
PSPS
(13,576 posts)getagrip_already
(14,602 posts)At what cost, and what level of effort, and in what timeframe.
Untraceable doesn't mean unbreakable, just impractical.
yaesu
(8,020 posts)ancianita
(35,925 posts)Chainfire
(17,442 posts)Once again, Trump goes to bat for his buddy.
3825-87867
(835 posts)For 5 million, they could have had a rather good backup system and better security. But, hey, who cares when you really get down to it?
The company isn't going to lose on this. The "ransom" will be paid by its customers through rate increases (temporary til 2100 A.D., of course) or special fees.
Sounds like a good plan to allow companies to raise prices and set blame elsewhere and in reality, lose nothing.
The Russians didn't screw an American Company, they just stuck it up the asses of the American People. And I wouldn't be surprised if more happens.
Putin moved into 21st Century Warfare while we're still on the beach waiting for supplies that Republicans (R - Russian) claim cost too much.
And the Pipeline Company? Do you think they really care? If they did then they should have had better preparation and while their almighty bottom line is their reason to exist, they WILL get their money back (from us) and then some.
SAPs - Stupid American People
Response to 3825-87867 (Reply #11)
Post removed
3825-87867
(835 posts)I guess I needed to add the sarcasm note.
WOW! No words!
AllyCat
(16,135 posts)Completely agree with the poster. The American people get screwed and the corporation can do it again and probably make some money in the process. Unbridled American capitalism at work again...for the corporations!
3825-87867
(835 posts)DENVERPOPS
(8,785 posts)the corporations never absorb the costs of their poor decisions...........
Just wait until the good ol' USA becomes a wholly owned subsidiary of the UCA......United Corps of America.
That will just become an automatic thing when the republicans install their Corporate Fascist Tyranny.
No one has heard much from Trailer Trash Barbie and her husband Jared. Maybe Putin set them up as a malware franchisee of Putin's very own Russian hackers.........
All roads lead to Putin..............was it Pelosi that said that?
And Putin is still going after the U.S. via Kompromat he has on countless Republican leaders.........
AllyCat
(16,135 posts)DENVERPOPS
(8,785 posts)or better yet......United Corporations of Fascist America......
has a nice ring to it, don't you think? THE REPUBLICANS sure as hell do..........
neohippie
(1,142 posts)Our company went through one of these attacks and the I think most of the expenses related to it were covered by our insurance many of these policies cover extortion and then the costs to help prevent future attacks as well.
DENVERPOPS
(8,785 posts)just short of how much the cyber thieves would demand...........
and a ton more to pay for future security costs of improvement......
Soon, all these corporations will figure out a way to ask the Politicians to make a law that the federal gov't will cover the costs for a small token of what the insurance companies want for the coverage.
Crazy?
What about the Federal Insurance program for flood insurance???? No insurance company would touch flood insurance for any amount of money, so the feds offer the insurance for a considerably cheaper price. When you see all those coastline uber wealthy homes that get totaled in a hurricane????? You can be sure that a large portion is subsidized by taxpayers thru that gov't flood insurance...........
rockfordfile
(8,695 posts)TheFarseer
(9,317 posts)About finding these people and hunting them down.
Rocknation
(44,571 posts)Last edited Sun Jun 6, 2021, 10:41 PM - Edit history (1)
or Colonial plans to use the payment as an excuse to jack up post-hack gas prices...though I find it quite interesting that former President Putin Pal has started playing his "No Collusion with Russia" broken record again.
https://www.democraticunderground.com/10142742123
rocktivity
The Mouth
(3,143 posts)from a SEAL team when they figure out who it was.
I'd love to interrogate one of those 'hackers'.
Evolve Dammit
(16,689 posts)Shanti Shanti Shanti
(12,047 posts)roamer65
(36,744 posts)Go at Rosneft.
barbtries
(28,755 posts)crime pays.
neohippie
(1,142 posts)These cyber gangs are most likely linked and backed by nation states that are the enemies of the US.
North Korea, Russia and even Arabic actors are know to use these kinds of crimes to move billions of dollars from European and North American targets of ransomware attacks using crypto-currencies. The crypto-currencies allow these countries to avoid international banking and US sanctions, they allow them to get around embargos etc...
And yes the attacks all use unique decryption keys.
Its not just the crypto-currencies that allow this to happen, its also email services that allow the users to remain anonymous too that are needed so that these criminals can evade being traced as well, so they are constantly hiding behind other hacked systems to launch new attacks and jumping from one email account to another so that they are harder to trace back to the gangs or track their locations
This is a huge international problem and it will be while these nation states allow this to happen and give the criminals safe harbor
bucolic_frolic
(43,023 posts)Just askin'
Traildogbob
(8,670 posts)Right off loss on taxes, will raise price enough to get it back in a day.
ffr
(22,665 posts)FFS!
kimbutgar
(21,036 posts)Response to TomCADem (Original post)
kimbutgar This message was self-deleted by its author.
Response to TomCADem (Original post)
hamsterjill This message was self-deleted by its author.
DFW
(54,268 posts)About 2 years ago, they tried this with my outfit, too, and asked $5 million to ransom us. But our IT department anticipates this kind of attack all the time, and backs everything up offline every few hours. Back then, it was every day, but as it cost us a few days of reconstruction for that one day, we now do it every few hours. The good news is that we didn't pay those assholes a dime (or a ruble), but they probably just shrug their shoulders and move on to the next victim, and hope for better luck next time.
FBaggins
(26,714 posts)The company has reason to want people to believe that they didn't pay a ransom (or need to)... but the hackers have a reason to want people to believe that paying them is a rational decision.
NCjack
(10,279 posts)see CEOs get serious about computer security.