For the first time, Joseph Blount, CEO of Colonial Pipeline Co., told The Wall Street Journal that he authorized the ransom payment of $4.4 million on the evening of May 7 after a ransom note from hackers was found on a control room computer. He was unsure how deep the ransomware penetrated the network controlling the pipeline systems but was obligated to immediately resolve the issue as the pipeline provides approximately 45% of the fuel for the US East Coast.
Article from Zero Hedge.
This is Blount’s first public acknowledgment about the company paying the ransom to DarkSide, the cybercriminal gang believed to be based in Eastern Europe or Russia.
“I know that’s a highly controversial decision,” he said. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this.”
“But it was the right thing to do for the country,” Blount added.
DarkSide operates a “ransomware as a service” business model where they find ways to breach private networks and install malicious software designed to block access to a computer system unless a ransom is paid.
The Federal Bureau of Investigation usually advises companies not to pay the ransom due to the uncertainty of receiving ransomware tools to restore computer systems after payment. Paying would also set a precedent and help the ransomware business flourish.
However, Blount quickly paid the ransom after consultation with cybersecurity experts. The payment was made the same day the ransomware was discovered, on May 7, in the form of Bitcoin. The company then received a decryption tool from DarkSide. Still, it wasn’t enough to restore the entire 5,500-mile pipeline system from Gulf Coast to Linden, New Jersey, resulting in six days of fuel stoppage and the eventual gas shortage at fueling stations up and down the East Coast. This also rocketed fuel prices to a 6.5-year high.
Last Thursday, Bloomberg said Colonial paid the hackers within hours of the attack in “untraceable” Bitcoin.
Blount told WSJ that Colonial had had segments of its pipeline closed for days or weeks due to Gulf Coast hurricanes, but having the entire system closed for nearly a week was unprecedented. In many ways, it was more devastating than any natural disaster previously seen.
He said the ransomware was found on a control room computer at 0530 ET on May 7. When workers found the ransomware, it was quickly escalated up the company’s chain of command to Blount within 30 minutes.
A short time later, Colonial shut the entire system down, spanning 13 states and Washington, DC, to prevent the infection from spreading.
Over the day, Colonial executives were in constant contact with the FBI’s offices in Atlanta and San Francisco and a Cybersecurity and Infrastructure Security Agency representative, Blount said.
The CEO went on to say that, through the shutdown period, the Energy Department worked alongside Colonial to provide multiple federal agencies involved in the response effort with updates.
Blount’s quick action resolved what could’ve resulted in widespread chaos across the East Coast for weeks. The pipeline’s fuel flow has returned to normal, but Blount said restoration work to recover some business systems could take months and tens of millions of dollars.
“We were perfectly happy having no one know who Colonial Pipeline was, and unfortunately that’s not the case anymore,” he said. “Everybody in the world knows.”
Still, the lingering effects of the pipeline shutdown continue Wednesday, with as many as 9.5k fuel stations without gas.
Big improvements! Gas outages by state, 8am CT, chg since last update:
AL 6% -1%
DC 60% -7%
DE 2% N/C
FL 14% -1%
GA 35% -3%
KY 2% N/C
LA 2% N/C
MD 19% -3%
MS 6% N/C
NC 41% -3%
NJ 1% N/C
SC 38% -3%
TN 21% -2%
TX 2% N/C
VA 21% -4%
WV 5% N/C
TOTAL 9,508 stns without gas
— Patrick De Haan ⛽️📊 (@GasBuddyGuy) May 19, 2021
In a blog post Tuesday, London-based blockchain analytics firm Elliptic, which identified the bitcoin wallet used by DarkSide to collect ransom payments from its victims, said the group and its affiliates collected $90 million in bitcoin ransom payments over the past nine months from 47 victims.
On Tuesday, Colonial experienced another round of issues and issued a brief statement that read: “Colonial is currently experiencing network issues impacting customers’ ability to enter and update nominations.”
So after collecting nearly $90 million in ransomware payments over nine months, capped by the grand finale of paralyzing almost 50% of the US East Coast fuel system, DarkSide appears to have closed down.
All ORIGINAL content on this site is © 2021 NOQ Report. All REPUBLISHED content has received direct or implied permission for reproduction.