Pipeline exec to face Congress as US recovers most of ransom

WASHINGTON (AP) — The chief executive of the massive fuel pipeline hit by ransomware last month is expected to detail his company's response to the cyberattack and to explain his decision to authorize a multimillion-dollar payment when he testifies before Congress this week.

Colonial Pipeline CEO Joseph Blount will face the Senate Homeland Security Committee on Tuesday, one day after the Justice Department revealed it had recovered the majority of the $4.4 million ransom payment the company made in hopes of getting its system back online. A second hearing is set for Wednesday before the House Homeland Security Committee.

Blount's testimony marks his first appearance before Congress since the May 7 ransomware attack that led Georgia-based Colonial Pipeline, which supplies roughly half the fuel consumed on the East Coast, to temporarily halt operations. The attack has been attributed to a Russia-based gang of cybercriminals using the DarkSide ransomware variant, one of more than 100 variants the FBI is currently investigating.

The company decided soon after the attack to pay ransom of 75 bitcoin, then valued at roughly $4.4 million. Though the FBI has historically discouraged ransomware payments for fear of encouraging cyberattacks, Colonial officials have said they saw the transaction as necessary to resume the vital fuel transport business as rapidly as possible.

The operation to seize cryptocurrency paid to the Russia-based hacker group is the first of its kind to be undertaken by a specialized ransomware task force created by the Biden administration Justice Department. It reflects a rare victory in the fight against ransomware as U.S. officials scramble to confront a rapidly accelerating threat targeting critical industries around the world.

“By going after the entire ecosystem that fuels ransomware and digital...