14 DAY TRIAL // A source familiar with CNBC's confirmed the situation. Colonial Pipeline supposedly paid a ransom to hackers after the company became the victim of a large-scale cyberattack.
According to a US official who spoke on the condition of anonymity to NBC News, Colonial paid off the $5 waiver.
So far, it is not entirely clear, whether the transaction took place. Bloomberg reported the ransom payment for the first time. Moreover, president Joe Biden refused to comment, when asked whether the colonial pipeline was paying the rescue on Thursday.
The Federal Government holds its position
White House Secretary of the press Jen Pskai told reporters in a briefing that the federal government can still decline ransom payments as it would encourage cybercriminals to launch more attacks.
A criminal cybergroup, known as DarkSide forced the company to shut down 5,500 miles of pipeline, disrupting half of the fuel supply on the East Coast and causing fuel shortages in the South-East.
Ransomware is a form of malware that encrypts files on a computer or network and makes the system inoperative. Criminals behind these cyberattacks usually require ransom for the decryption key release.
On Monday, national security officials from the White House described the attack as financially motivated but would not say if Colonial Pipeline agreed to pay the ransom.
Anne Neuberger, deputy national security advisor for cyber and emerging technologies, stated that “Typically that’s a private sector decision,” when she was asked by reporters at the White House about the ransom payment.
She also said that the FBI warned the victims previously of the ransomware attacks to avoid paying because it will promote further malicious activity by complying with hackers' requests.
On Monday, Biden told the media that the US currently did not find a link between the DarkSide's ransomware attack and the Russian government.
The Colonial Pipeline Hack is just the latest instance of criminals or state players using U.S. cyber vulnerabilities. SolarWinds's software was hacked last year and allowed hackers to gain access to data and communications in various government agencies.
Kremlin holds its position and claims it has nothing to do with the recent cyberattacks on US soil.