According to Bloomberg, the ransom was paid Friday in cryptocurrency.

Though initial reports said that Colonial Pipeline would not pay a ransom to the hackers that brought the nation’s largest fuel pipeline to a halt, Bloomberg reported Thursday that the company did pony up nearly $5 million in hard-to-track cryptocurrency last Friday.

Persons familiar with the matter told Bloomberg that the ransom was paid within hours of the attack and that the U.S. government knew about the payment. However, when asked directly about this, President Joe Biden refused to comment.

DarkSide, a gang said to be located in Russia or Eastern Europe, is alleged to have mounted the ransomware attack on Colonial Pipeline last week. The privately-held company acknowledged the attack, not the payment, on Saturday and updated the status of the pipeline on Sunday.

The dilemma for victims

The government’s official position on ransomware demands is not to pay. The reason for the FBI’s advice is that succumbing to the hackers’ demands would fuel further attacks by validating the success of their nefarious business model.

Secondly, according to the FBI, there is also the risk that the attackers would not deliver on their promise to unlock the victims’ files even after being paid their ransom.

“We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data,” said Anne Neuberger, the top White House top cybersecurity official.

At the victim’s end, the choice is to pay or face the prospect of extensive business dislocation.

In the case of Colonial, the ransomware attack forced the company to shut down nearly 5,500 miles of pipeline, leading to a major disruption to the East Coast fuel supply and causing a gasoline scarcity in the Southeast.

Besides, many companies have taken out cyber insurance policies that may cover the cost of the ransom.

The Russia hand?

President Joe Biden said Monday that he intended to discuss the matter with Russian President Vladimir Putin.

“So far there is no evidence from our intelligence people that Russia is involved although there is evidence that the actor’s ransomware is in Russia, they have some responsibility to deal with this,” Biden said.

Related Story:    Colonial Pipeline Shut Down By Ransomware Attack