In May 2021, Colonial Pipeline, an American oil pipeline system, suffered a ransomware cyberattack. As a result, Colonial Pipeline halted the pipeline’s operations to contain the attack. Colonial Pipeline, with the assistance of the FBI, paid the requested ransom (75 bitcoin or $4.4 million) within several hours after the attack. Upon receiving the ransom, the hackers sent Colonial Pipeline a software application to restore their network. It was the largest cyberattack on an oil infrastructure target in the history of the United States. But it was not a one-off event. Cyber attacks plague the government and the private sector, and organizations large and small.
After the Colonial Pipeline attack, the White House promoted a whole-of-government effort to take on ransomware, kickstarting a number of task forces designed to make the government more resilient while going after the people organizing ransomware gangs.
The Department of Justice announced that it managed to recover some of the ransom that was paid by Colonial Pipeline to the DarkSide ransomware group–seizing 63.7 Bitcoins of the 75 Bitcoins that Colonial Pipeline paid.
This program will focus on cybersecurity and crypto terrorism including ransomware vulnerabilities and protections. It will explore the roles of private industry and government–specifically who in the US intelligence community is responsible for detections, actions and decisions. This is not a problem going away anytime soon and future threats to the United States and the western world will also be addressed such as who the bad actors are and where lies the greatest threat.