The Colonial Pipeline Opens Up Again After Paying the $5 Million Ransom - Will it Inspire Copycat Hackers?
It was paid in Bitcoin too - is that the issue?
On May 7th, a Russian hacking consortium known as DarkSide managed to hack into the systems of Colonial Pipeline - the company whose oil and gas infrastructure supplies 45% of oil used on the east coast USA.
On May 14th it was announced that having given in to the demands of the hackers - paying a ransom of 75 Bitcoin (equivalent to around $5 million) - the pipeline is once again open. The hackers had seized 100 Gigabytes of sensitive data and had installed rogue software in the company's network which had forced them to shut down the pipeline as a preventative measure.
With hackers having such a hold over Colonial, it would appear they felt powerless but to pay up. DarkSide had publicly stated that their intention wasn't to cause such severe disruption, and that they were motivated by financial gain alone. Their efforts appear to have paid off!
Colonial were apparently under pressure to get the pipeline open quickly and so paid-up - service has been restored for now and the fuel shortages and increases in price that were being witnessed across the country will hopefully now cease. During the pipeline shutdown, the price of gasoline had pushed to a six and a half year high, above $3 per gallon.
The pipeline opening up again should ease pressures on fuel supplies across the country, which is welcome.
Does this mean that Bitcoin enables criminality?
One of the most common objections about digital cryptocurrencies like Bitcoin is that they fundamentally enable criminality and are predominantly used by criminals. It's a view that's often expressed by those in senior government roles - most recently by the treasury secretary Janet Yellen, who said:
"I think we really need to examine ways in which we can curtail their use, and make sure that... money laundering doesn't occur through those channels.”
It's a stance that demonstrates once again the degree to which senior government officials seem poorly informed and willfully ignorant about Bitcoin, how it works and what it represents. In real terms, the volume of transactions associated with criminality year-on-year has been declining in recent years.
Certainly, the DarkSide Hackers have preserved a degree of anonymity in receiving their ransom payment in Bitcoin - which can be sent and received anonymously. But this same anonymity has been enabled by cash for as long as that has existed too. It may be easier to trace the transmission of US dollars electronically, but unless the recipient is captured quickly, the money can quickly and easily be sent onwards and then it's lost for good.
The one advantage enabled by Bitcoin is that while the holders are anonymous, the transactions are clearly and permanently recorded in the blockchain and can be scrutinized and traced. If and when DarkSide send their Bitcoin onwards, law enforcement agencies will be able to monitor it and keep track - which may ultimately help them to capture the criminals. It was this traceability that allowed the US Government to eventually apprehend corrupt agents who had stolen Bitcoin from the Silk Road - an illicit online marketplace that was used to sell drugs and weapons and which was closed down by the FBI in 2013. They also seized the Bitcoin too.
What happens next?
Law enforcement agencies are understandably uneasy about the possibility of future copy-cat hacks by other individuals and criminal gangs who will perhaps be emboldened by Colonial having paid the ransom. Indeed, the BBC reported on the same day that Colonial paid up, that Japanese electronics firm Toshiba was currently being targeted by the same hacking group although in Toshiba's case, the data loss had been less-severe.
There's a feeling amongst governments and private sector cyber consultancies alike that the only way that ransomware attacks will be discouraged is if those targeted prove unwilling to pay. And yet when corporations are threatened with a long-term loss of business and money, or the wider public impacts are significant if they remain shut down for long (as was the case with Colonial Pipeline) then corporations may feel they have little option but to pay up. This was also the case in 2020 when the electronics firm Garmin was targeted by hacking group Evil Corp - Garmin too paid the ransom.
Until governments and businesses are better protected against hackers, and better equipped to weather attacks when they happen, we may see more cases where paying the ransom is the only option to restore systems and for business to resume.