Hackers demanded 'millions' in ransom from Colonial Pipeline, sources say
The cyberattackers that compromised Colonial Pipeline's systems demanded "millions" of dollars in ransom, sources briefed on the investigation told ABC News, and the company declined to comment Thursday on whether a ransom had been paid as its fuel delivery operations restarted.
Colonial Pipeline said Thursday that it has made "substantial progress" in its reopening following the cyberattack, and that fuel delivery has commenced in a majority of the markets it serves. The company added that it expects each market it serves to be receiving product from its system by mid-day Thursday.
The pipeline company, which transports approximately 45% of all fuel consumed on the East Coast, said Wednesday evening that it had restarted operations following a multi-day shutdown after it was the victim of a ransomware attack.
The shutdown has been linked to gas prices hiking, fuel shortages and panic-buying throughout parts of the Southeast.
Colonial Pipeline declined ABC News' request for comment on Thursday as to whether a ransom had been paid, after Bloomberg News reported that the company shelled out some $5 million to Eastern European hackers via untraceable cryptocurrency.
Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Administration (CISA), told reporters Thursday that he has "no knowledge of whether a ransom was paid, how much was paid, if it was paid, when it was paid."
Meanwhile, sources briefed on the investigation told ABC News that while the attack is considered technically unsophisticated, the ransom demand shows some level of sophistication. The sum demanded is viewed by investigators as a figure that's high enough to be substantial but not so high as to be out of the question for a company the size of Colonial to pay.
Investigators also say they are confident the attack was isolated to the company's IT systems and did not hit the separate operating network that manages the functions of moving petroleum products through the pipeline.
The hack is seen as highlighting the vulnerabilities of critical infrastructure in the U.S. to new forms of cyberthreats, and federal government officials have expressed concern that Colonial was slow to contact the federal government after the hack despite the critical role its pipeline plays in the nation.
President Joe Biden on Wednesday signed an executive order that aims in part at improving information-sharing between the government and the private sector on cybersecurity issues.
Meanwhile, the national gas price average in the U.S. hit $3 a gallon for the first time in seven years on Wednesday amid the pipeline saga. Many gas stations throughout the Southeast reported fuel outages as motorists rushed to the pump.
Jeanette McGee, an American Automobile Association spokesperson, said in a statement Thursday the pipeline restart means "relief is coming."
"While impact won’t be seen immediately and motorists in affected areas can expect to see a few more days of limited fuel supply, relief is coming," McGee said. "Station pumps will be full of fuel in several days. This is an especially good update ahead of the Memorial Day holiday."
As of Thursday, the national average gas price was $3.03 a gallon, according to AAA data.