Colonial Pipeline's CEO Joseph Blount just wrapped up testimony before the Senate regarding a recent ransomware attack that prompted the shutdown of the key East Coast pipeline.
In case you missed it, here were the key moments from the hearing:
- Blount made the decision to pay the hackers: Blount said during his opening remarks "I made the decision to pay" the ransomware hackers that shut down the pipeline last month. He said it was "the hardest decision" he's ever made in his career, adding, "I believe with all my heart it was the right choice to make."
- Blount said Colonial contacted the FBI "within hours" of the attack: He said that his company reached out to the FBI "within hours" of the ransomware attack. Asked during questioning by Sen. Tom Carper, a Democrat from Delaware, about his contact with the FBI in the early hours of the May 7 attack, Blount said that Colonial first contacted the Atlanta office of the FBI. "They felt it was DarkSide," Blount said, referring to the criminal hacking group that officials said carried out the attack.
- He pushed back on DHS criticism about communications: Blount told lawmakers Tuesday he was "disappointed" to hear the Department of Homeland Security cybersecurity agency raised concerns about communications between the company and the federal agency. Last month, DHS Cybersecurity and Infrastructure Security Agency acting director Brandon Wales testified that his agency was brought in by the FBI, not Colonial. Wales said that there’s a "benefit when CISA is brought in quickly" because the agency can share it in a broader fashion to protect other critical infrastructure.
- Ransom payment was not part of Colonial's cybersecurity response planning: Blount said that they made the decision to pay the hackers without knowing the full scope of the infiltration of Colonial's systems. Blount said the decision was made that it was a priority "to get the encryption tool" from the hackers "and get our information back." Sen. Maggie Hassan asked Blount if Colonial in their cybersecurity response planning had a plan related to ransom. "Specifically no, no discussion on ransom," Blount said.
- Blount says the decryption key worked but was not perfect: Blount defended his decision to authorize ransom payment to hackers last month, saying that the purchased decryption key worked "to some degree." He told lawmakers that it wasn't a "perfect tool," but he wanted every option available to bring the pipeline back online.