First Thing, Daily Maverick's flagship newsletter

Join the 230 000 South Africans who read First Thing newsletter.

A South African Hero: You

There’s a 99.7% chance that this isn’t for you. Only 0.3% of our readers have responded to this call for action.

Those 0.3% of our readers are our hidden heroes, who are fuelling our work and impacting the lives of every South African in doing so. They’re the people who contribute to keep Daily Maverick free for all, including you.

We need so many more of our readers to join them. The equation is quite simple: the more members we have, the more reporting and investigations we can do, and the greater the impact on the country. We are inundated with tip-offs; we know where to look and what to do with the information when we have it – we just need the means to help us keep doing this work.

Be part of that 0.3%. Be a Maverick. Be a Maverick Insider.

Support Daily Maverick→
Payment options

U.S. Recovered Majority of Ransom Paid in Colonial Pipe...



U.S. Recovered Majority of Ransom Paid in Colonial Pipeline Hack

Storage tanks at a Colonial Pipeline Inc. facility in Avenel, New Jersey, U.S., on Wednesday, May 12, 2021. Motorists across a broad swath of the U.S. East Coast and South are struggling to find gasoline and diesel as filling stations run dry amid the unprecedented pipeline disruption caused by a criminal hack. Photographer: Mark Kauzlarich/Bloomberg
By Bloomberg
07 Jun 2021 1

The U.S. has recovered the majority of the $4.4 million in cryptocurrency ransom paid to the perpetrators of the cyber attack on Colonial Pipeline Co. last month that temporarily halted fuel supplies across the U.S. east coast, Deputy Attorney General Lisa Monaco said.

(Bloomberg) —

“Ransomware attacks are always unacceptable but when they target critical infrastructure we will spare no effort in our response,” Monaco told reporters on Monday.

Deputy FBI Director Paul Abbate said law enforcement identified a virtual wallet used in the ransom payment and then recovered the funds. He said investigators have found more than 90 companies victimized by DarkSide, a Russia-linked cybercrime group blamed in the pipeline hack.

“Today we turned the tables on DarkSide,” Monaco said, as she called on companies to invest more to protect their critical infrastructure and intellectual property. “DarkSide and its affiliates have been digitally stalking U.S. companies for the better part of last year.”

The ransomware attack in May caused fuel shortages at gasoline stations in several states and even affected operations by some airlines and airports. It was part of an increasing trend of such acts against critical infrastructure that is posing an early test of President Joe Biden’s administration.

Colonial Pipeline ended up paying DarkSide in order to help restore its operations.

U.S. intelligence and law enforcement officials say stopping hacking attacks has become a national security priority, and the issue has raised tensions between the U.S. and Russia. Biden plans to bring up hacking attacks when he meets with Russian President Vladimir Putin next week, White House Press Secretary Jen Psaki said.

The message at the one-on-one meeting in Geneva on June 16 will be that “responsible states do not harbor ransomware criminals, and responsible countries must take decisive action against those ransomware networks,” Psaki said. Putin has denied knowing about or being involved in ransomware attacks.

Brazilian-based JBS SA, the world’s largest meat processor, restarted beef production last week after a ransomware attack forced it to halt operations across the globe.

© 2021 Bloomberg L.P.

Comments - share your knowledge and experience

Please note you must be a Maverick Insider to comment. Sign up here or sign in if you are already an Insider.

Everybody has an opinion but not everyone has the knowledge and the experience to contribute meaningfully to a discussion. That’s what we want from our members. Help us learn with your expertise and insights on articles that we publish. We encourage different, respectful viewpoints to further our understanding of the world. View our comments policy here.

All Comments 1

  • I am confused — first by the headline, 52% recovered is not a great majority, more like half. Then in the in the article the FBI Director announces that the funds were recovered. The funds or half the funds?

Please peer review 3 community comments before your comment can be posted