I thought I’d pass along the explanation that the CEO of Colonial Pipeline gave the Wall Street Journal for why he paid the hackers the ransom they were seeking:
Joseph Blount, CEO of Colonial Pipeline Co., told The Wall Street Journal that he authorized the ransom payment of $4.4 million because executives were unsure how badly the cyberattack had breached its systems, and consequently, how long it would take to bring the pipeline back.
Mr. Blount acknowledged publicly for the first time that the company had paid the ransom, saying it was an option he felt he had to exercise, given the stakes involved in a shutdown of such critical energy infrastructure. The Colonial Pipeline provides roughly 45% of the fuel for the East Coast, according to the company.
“I know that’s a highly controversial decision,” Mr. Blount said in his first public remarks since the crippling hack. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
“But it was the right thing to do for the country,” he added.
I thought this quote from the piece was also interesting:
Paying ransoms to hackers can encourage more criminal activity and often doesn’t lead to a restoration of systems, said Ciaran Martin, the former head of the National Cyber Security Center, the British government’s cybersecurity agency. Companies should consider those factors when deciding whether to pay, he said.
“There are three problems contributing to the ransomware crisis,” Mr. Martin said. “One is Russia sheltering organized crime. A second is weak cybersecurity in too many places. But the third, and most corrosive, problem is that the business model works spectacularly for the criminals.”
Or, in other words, Mr. Blount’s decision may have increased future risk. I can’t comment on the role that Russia’s “sheltering organized crime” may have played but I will repeat the suggestion I’ve been making for some time: strict liability. It’s the only way to get companies to take cybersecurity as seriously as needs to be the case.
It needs to be more widely publicized that paying the ransom often doesn’t get you back online anyway. Still, $5 million is a pittance for Colonial so I bet they pay it anyway. The hackers have the business model figured out pretty well.
OT- It looks like one of the primary purposes for crypto currency is so that people can more easily complete illegal transactions.
Steve
A pertinent question that isn’t asked much is why is a single pipeline carrying 45% of the fuel to the east coast?
Imagine if there was actual physical damage to the pipeline, from, say, a natural disaster. What would be the scale of disruption in that scenario?
Pretty much the same reason that there are relatively few railroad lines or highways—they take up substantial space with attendant environmental impact and require significant capital investment. Such things tend to gain monopolies.