US Recovers $2.3 Million Paid as Ransom in Pipeline Cyberattack

Published: 10 June 2021

Magistrate Judge Laurel Beeler approved the seizure of funds earlier on Monday from the "Bitcoin address," which the filing said was located in California. (Photo: Pete D, Flickr, License)

By Isobel van Hagen

U.S. authorities seized 63.7 Bitcoins worth US$2.3 million believed to be part of a ransom paid to an organized crime group known as DarkSide, which allegedly orchestrated the highly disruptive attack on Colonial Pipeline last month.

The group targeted the largest pipeline system for refined oil products in the U.S. in May, causing massive shortages at gas stations on the east coast of the country.

“Following the money remains one of the most basic, yet powerful tools we have,” Deputy Attorney General Lisa Monaco said in a statement released by the Department of Justice on Monday. 

“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks,” she said. 

Ransomware attacks like this one involve malware that encrypts files on a device or network, making it inoperable. Criminals will then demand a ransom in exchange for the release of data.

Colonial Pipeline initially paid the hackers nearly $5 million to regain access, according to Bloomberg News. 

An affidavit filed on Monday showed law enforcement was able to recover the money because the FBI had possession of a private key (the rough equivalent of a password) to unlock the Bitcoin wallet that had received most of the ransomed funds. 

Magistrate Judge Laurel Beeler approved the seizure of funds earlier on Monday from the "Bitcoin address," which the filing said was located in California. 

The attack by DarkSide – believed to be a Russian-based criminal organization – spiked gas prices and sparked panic buying, prompting President Joe Biden at the time to emphasize the importance of strong cybersecurity across the country and to stress that ransomware was becoming a growing national security threat.

The White House has lately urged corporate executives and businesses to generally improve their security measures in order to protect against mass cyber attacks, especially as web-based corruption has increased due to the pandemic.