The recovery is a rare outcome for a ransom situation, CNN reported, particularly for a crippling cyberattack that turned out the way the pipeline’s did, in which there were gas shortages for days as a result.
The ransom was paid last month, according to CEO Joseph Blount, who said the company paid $4.4 million after the hackers shut down the pipeline in early May, CNN reported.
The company paid the ransom because officials had no idea of the extent of the damage the hackers had wrought, nor did they know how long it would take to bring back operations, Blount said, per CNN.
The company worked behind the scenes to let the FBI know what was happening, though. And it followed instructions that led to the tracking of the payment to what officials said was a Russian crypto wallet, according to CNN.
For over a year, the FBI has been investigating DarkSide, which shared its malware tools with fellow hackers, CNN reported. FBI Director Christopher Wray said there is always potential for things to go right with hacking scenarios.
“I don’t want to suggest that this is the norm, but there have been instances where we’ve even been able to work with our partners to identify the encryption keys, which then would enable a company to actually unlock their data — even without paying the ransom,” he said, per CNN.
PYMNTS reported on the ransom payment when it happened, writing that the hack caused a shutdown of around 5,500 miles of pipeline. The position of the government, even at that time, was officially that ransom would not be paid, and White House officials didn’t comment on the ransom payment.
PYMNTS reported that DarkSide’s services were tantamount to “Ransomware-as-a-Service” as the group sold its products to others to help fuel crimes.