About half of the $4.4 million bitcoin ransom paid last month to the Russian hacking group DarkSide by Colonial Pipeline has been recovered by US officials, the Justice Department announced Monday.
Deputy Attorney General Lisa Monaco said they were able to get back about $2.3 million of the ransom thanks to what she called Colonial’s “quick notification to law enforcement.”
“Today, we turned the tables on DarkSide,” Monaco said, before calling on US companies and government organizations to treat the threat of cyberattacks as a “clear and present danger.”
The ransomware attack on Colonial’s computer systems shut down the largest fuel pipeline in the US for five days, leading to gas shortages and panic buying across the Southeast.
Colonial officials previously said they took their pipeline system offline before the attack could spread to its operating system and paid the ransom to get back online as soon as possible.
Monaco accused Russia-based DarkSide and its affiliates of “digitally stalking US companies for the better part of last year and indiscriminately attacking victims that include key players in our nation’s infrastructure.
“Pay attention now. Invest resources now,” she said in a warning to companies. “Failure to do so could be the difference between being secure now or a victim later.”