Colonial Pipeline CEO Joseph Blount testifies during a Senate Homeland Security and Government Affairs Committee hearing one day after the Justice Department revealed it had recovered the majority of the $4.4 million ransom payment the company made in hopes of getting its system back online, Tuesday, June 8, 2021, on Capitol Hill, in Washington. (Graeme Jennings/Pool via AP)
UPDATED 1:46 PM PT – Tuesday, June 8, 2021
The CEO of Colonial Pipeline said the May ransomware attack encrypted its systems, in turn, shutting down the largest fuel pipeline in the U.S. While speaking before the Senate Homeland Security Committee Tuesday, CEO Joseph Blount said an employee first reported the attack after finding a ransom note on one of its systems. The note, which is believed to be tied to cyber criminals in Russia, demanded $5 million in exchange for unlocking the company’s files.
“We had cyber defenses in place, but the unfortunate reality is those defense were compromised,” Blount explained. “The attack forced us to make difficult choices in real time that no company ever wants to face.”
The company CEO said they immediately shutdown the pipeline to stop the attack from spreading to other networks. The cyberattack resulted in gas shortages across much of the East Coast. Blount then spoke about the company’s decision to pay $4.4 million in cryptocurrency to the hackers to get the pipeline up and running again.
“I made the decision to pay and I made the decision to keep the information about the payment as confidential as possible,” he stated. “It was the hardest decision I’ve made in my 39 years in the energy industry, and I know how critical our pipeline is to our country and I put the interests of the country first.”
The Department of Justice has since announced they were able to retrieve a majority of the funds paid. Officials confirmed they were able to recover about $2.3 million of those funds. While the FBI still discourages the payment of ransom demands, the DOJ hopes companies coming forward and working with law enforcement will continue to remedy these situations.
Blount sad the company is implementing changes to prevent future attacks. He also expressed gratitude to his employees, law enforcement, federal authorities and the White House for their response to the attack.
“We are deeply sorry for the impact that this attack had, but we are also heartened by the resilience of our country and of our company,” Blount continued.