Colonial Pipeline CEO Joseph Blount warned members of the Senate Homeland Security Committee Tuesday that cybercriminals are on the offense after the fuel transportation company was hit by a $4.4 million ransomware attack last month.
The Justice Department said Monday that it recovered roughly $2.3 million in extorted bitcoin from a criminal hacking group that executed a ransomware attack on Colonial. The group, believed to be operating out of Russia and called Darkside, disabled Colonial’s computer network and demanded a cryptocurrency payment in exchange for a key that helped Colonial begin to get its network operating again.
“Criminal gangs and nation states are always evolving, sharpening their tactics, and working to find new ways to infiltrate the systems of American companies and the American government,” Blount said in his prepared testimony. “These attacks will continue to happen, and critical infrastructure will continue to be a target.”
Blount also lauded the aid provided by the federal government in helping his company restart operations, as the attack quickly led to gas shortages in several regions of the country, including the Washington, D.C. area.
He mentioned several agencies, including the Transportation Safety Administration, the Cybersecurity and Infrastructure Security Agency, and the Department of Energy, as being particularly helpful.
“It was critical for us to be able to have that one central conduit in the government, and in this case it was the DOE, who allowed us to communicate everything that was going on at the time, through one central conduit,” he told the committee. “We saw a lot of permitting changes, allowing truck drivers to drive longer hours, allowing trucks to carry more fuel.”