WASHINGTON, June 8 (NNN-AGENCIES) — The Justice Department recovered some $2.3 million in cryptocurrency ransom paid by Colonial Pipeline Co, cracking down on hackers who launched the most disruptive US cyberattack on record.
Deputy Attorney General Lisa Monaco said investigators had seized 63.7 bitcoins, now valued at about $2.3 million, paid by Colonial after last month’s hack of its systems that led to massive shortages at US East Coast gas stations.
The Justice Department has “found and recaptured the majority” of the ransom paid by Colonial, Monaco said.
An affidavit filed on Monday said the FBI was in possession of a private key to unlock a bitcoin wallet that had received most of the funds. It was unclear how the FBI gained access to the key.
A judge in San Francisco approved the seizure of funds from this “cryptocurrency address,” which the filing said was located in the Northern District of California.
Colonial Pipeline had said it paid the hackers nearly $5 million to regain access.
Bitcoin seizures are rare, but authorities have stepped up their expertise in tracking the flow of digital money as ransomware has become a growing national security threat and put a further strain on relations between the United States and Russia, where many of the gangs are based.
The hack, attributed by the FBI to a gang called DarkSide, caused a days-long shutdown that led to a spike in gas prices, panic buying and localized fuel shortages. It posed a major political headache for President Joe Biden as the US economy was starting to emerge from the COVID-19 pandemic.
The White House urged corporate executives and business leaders last week to step up security measures to protect against ransomware attacks after the Colonial hack and later intrusions that disrupted operations at a major meatpacking company.
Deputy FBI Director Paul Abbate, who spoke at the same news conference as Monaco, described DarkSide as a Russia-based cybercrime group.
Abbate said the FBI was tracking more than 100 ransomware variants. DarkSide itself victimized at least 90 U.S. companies, including manufacturers and healthcare providers, he said.
Colonial Chief Executive Joseph Blount, who will testify before the Senate on Tuesday, said in a statement that the company had worked closely with the FBI from the beginning and was “grateful for their swift work and professionalism.”
“Holding cyber criminals accountable and disrupting the ecosystem that allows them to operate is the best way to deter and defend against future attacks,” Blount said.
Commerce Secretary Gina Raimondo said the Biden administration was looking at all options to defend against ransomware attacks and that the topic would be on the agenda when Biden meets Russian President Vladimir Putin this month. — NNN-AGENCIES
