"We are deeply sorry for the impact that this attack had, but are also heartened by the resilience of our country and of our company," Joseph Blount, the CEO of the Colonial Pipeline Company, told the Senate Homeland Security and Governmental Affairs Committee on Tuesday.
- Now the CEO of Colonial Pipeline is defending his decision to shut down one of the country's most important pipelines and pay ransom to criminals. Testifying before Congress, Joseph Blount admitted that despite spending about $40 million a year on cybersecurity, Colonial Pipeline did not have a dedicated ransomware response plan.
- Now the FBI was able to recover more than $2 million of the $4 million paid to the cyber criminals called the Dark Side. CBS 4's Debra Alfarone has the latest from Capitol Hill.
DEBRA ALFARONE: The head of Colonial Pipeline says paying a ransom to get control back of the company's computer system following last month's cyber attack was the hardest decision he's made in his career.
JOSEPH BLOUNT: We wanted to stay focused on getting the pipeline back up and running. I believe with all my heart it was the right choice to make.
DEBRA ALFARONE: The ransomware attack crippled one of the country's biggest gas pipelines and led to fuel shortages. CEO Joseph Blount testified hackers exploited a virtual private network that was not supposed to be in use.
JOSEPH BLOUNT: We are deeply sorry for the impact that this attack had.
DEBRA ALFARONE: Some lawmakers questioned the wisdom of paying the Russian based hackers, known as Dark Side.
MAGGIE HASSAN: The FBI and other federal agencies strongly discourage paying ransom because it incentivizes more people to become cyber criminals.
DEBRA ALFARONE: Blount told senators Colonial was in the process of scheduling a cybersecurity review with the TSA when the pandemic and other issues got in the way.
JOSH HAWLEY: Do you regret not doing that in retrospect?
JOSEPH BLOUNT: Senator, anything that you could do is always helpful.
DEBRA ALFARONE: Colonial's CEO also testified that the company's quick and quiet collaboration with law enforcement may have helped the Justice Department get back a large chunk of that ransom money. Newly released court documents show investigators use digital fingerprints to track those funds to an online wallet for Dark Side. The FBI then obtained the wallets private key to recover about $2.3 million, about $2 million has yet to be recovered. Debra Alfarone, CBS News, Capitol Hill.
- The FBI is still investigating more than 100 types of ransomware attacks including last week's attack on meat distributor JBS. President Biden is expected to discuss the recent attacks with Russian President Vladimir Putin when the two meet this month.
- The headline making cyber attacks have affected numerous industries, CBS News Chief Justice and Homeland Security correspondent Jeff Pegues explains why these attacks appear to be more prevalent.
JEFF PEGUES: The Colonial Pipeline cyber attack, ransomware attack, which was so public in so many ways and here's why, it was really hitting people in their pocketbooks because they were lining up to get gas and there was no gas. And so at that point I think for a lot of Americans these ransomware attacks became real. It certainly did for the Biden administration.
When you start getting pressure from people to do something because there are gas lines and that doesn't make the administration look good. Now obviously there is this effort to respond as forcefully as possible. And that's why you have now, you have the Justice Department saying they're going to treat these ransomware cases like terrorism cases, which is what led to the recovery of that $2.3 million yesterday, money that Colonial Pipeline paid out to the cyber attackers.
- Jeff also explained why the Justice Department is changing how it's handling these investigations.
JEFF PEGUES: The FBI, the Justice Department, they got to do something. So what do you do? You try to streamline these investigations, increase the coordination among agencies whether it's the US Attorney's Office, the money laundering experts. Because what investigators have to do to curtail this kind of behavior is cut off the flow of the money. So as they do in terrorism cases they're going to start following the flow of the money, and that's what happened in the Colonial Pipeline case just yesterday.
- You can catch Jeff and his reporting on the CBS Evening News with Norah O'Donnell. That's at 6:30 after CBS 4 News at 6:00.