Colonial CEO ‘disappointed’ in DHS cybersecurity agency comments


Colonial Pipeline CEO Joseph Blount said during his opening remarks “I made the decision to pay” the ransomware hackers that shut down the pipeline last month.

He said it was “the hardest decision” he’s ever made in his career, adding, “I believe with all my heart it was the right choice to make.”

Blount said that his company worked with law enforcement “from the start” including the Department of Justice and FBI, which “may have lead to the recovery this week” of millions paid to the hackers.

Blount’s public testimony comes a day after the DOJ announced that US investigators recovered millions of dollars in cryptocurrency paid in ransom to hackers.

The company discovered the cyberattack on May 7 just before 5:00 a.m. when an employee found a ransom note on its IT network. The employee notified a supervisor who ordered the shutdown of the pipeline.

“Shutting down the pipeline was absolutely the right decision, and I stand by our employees’ decision to do what they were trained to do,” Blount said in prepared remarks.  

He said the decision was driven by the “imperative to isolate and contain the attack” to help ensure the malware on the IT network did not spread to the operational network, which controls the pipelines. 

More on the ransomware attack: The process to shutdown 5,500 miles of pipelines took about 15 minutes and was complete by 6:10 am, according to Blount. In prepared remarks, he recognized the “gravity of the disruption that followed the shutdown, including panic-buying and shortages on the East Coast,” and apologized to everyone impacted by this attack. 

Colonial, which has around 950 employees, began returning all pipelines to service on Wednesday evening, May 12. As part of the restart process, the company increased air surveillance and drove over 29,000 miles for inspections of the pipeline to ensure physical security. 

Last month after intense speculation, Blount publicly admitted he made the decision to pay the ransom to the hackers as the company tried to get its services up and running again. 

CNN’s Geneva Sands contributed reporting to this post.