“We are deeply sorry for the impact that this attack had, but are also heartened by the resilience of our country and of our company,” Colonial Pipeline Co. Chief Executive Officer Joseph Blount said at Tuesday’s hearing.
Blount’s appearance before the Senate Homeland Security and Governmental Affairs Committee comes as Congress readies its response to the hack, which affected 45% of the East Coast’s fuel supply, driving up gasoline prices and sparking shortages at filling stations along the East Coast after the company shut the roughly 5,500-mile pipe May 7.
“Protecting the American people from these sophisticated, harmful and growing attacks will not be easy,” said Senator Gary Peters, a Democrat from Michigan and chairman of the committee, at the start of the hearing. “Inaction is simply not an option.”
The hackers, who the FBI said have been linked to a group known as DarkSide operating in Russia, were able to breach the company’s computer system April 29 using a virtual private network account, an encrypted internet connection that allowed employees to remotely access the company’s computer network.
The “legacy” network “was not intended to be in use,” Blount, who took over as Colonial CEO in 2017. Blount said the company is still trying to determine how the hackers gained the needed credentials to exploit it.
Blount paid the ransom in order to have the company’s IT systems unlocked, a move he said was “the hardest decision I’ve made in my 39 years in the energy industry.”
“I believe with all my heart it was the right choice to make,” Blount told the committee.
The Department of Justice announced Monday it had recovered the majority of the payment Blount made to the perpetrators in crypto currency after law enforcement identified a virtual wallet used in the ransom payment. Because of the declining value of Bitcoin since the ransom was paid, the U.S. seizure in late May amounted to $2.3 million, just over half the $4.4 million paid weeks earlier after the ransom was demanded.
The ransomware attack on Colonial is part of a rising trend of such acts against critical infrastructure that is posing an early test of President Joe Biden’s administration.
A cyberattack on JBS SA, the largest meat producer globally, forced the shutdown of all its U.S. beef plants, wiping out output from facilities that supply almost a quarter of American supplies.
U.S. intelligence and law enforcement officials say stopping hacking attacks has become a national security priority.
Congress is also considering a legislative response that could include mandates that energy and pipeline companies have spent years opposing.