In a Thursday article concerning Colonial Pipeline apparently paying ransom to get their systems back online the Wall Street Journal‘s writers let this tidbit slip.
Bloomberg reported earlier Thursday that Colonial had paid the hackers a sum of nearly $5 million, and that the decryption tool ultimately wasn’t effective in restoring operations. Instead, Colonial was able to recover by relying on system backups, Bloomberg reported.
Which raises two questions. If Bloomberg‘s reporting is accurate,
- Where were Colonial’s CEO, COO, and CIO that they allowed the hack to occur in the first place?
- Where were Colonial’s CEO, COO, and CIO that they didn’t go to those backups right away instead of rewarding their attackers for the privilege of being their victim?
Colonial management’s apparent cowardice not only serves to expose their company to further extortion, it exposes their peers in the industry and businesses everywhere to this sort of extortion.
Just as bad is the Biden administration’s timid response. The longstanding (not just under this administration) vulnerability of all of our nation’s financial, power, water, fuel infrastructure, coupled with Biden’s ducking away from the current attack (it’s a private matter), exposes our nation to state-level attack and crushing defeat.