DOJ seizes millions in ransom paid by Colonial Pipeline
The Justice Department on Monday announced it has successfully seized millions of dollars in cryptocurrency Colonial Pipeline paid to the cyber criminal group DarkSide following last month's ransomware attack that led the pipeline to briefly shut down its operations, according to a seizure warrant unsealed Monday afternoon.
"Earlier today, the Department of Justice has found and recaptured the majority of the ransom Colonial paid to the DarkSide network in the wake of last month's ransomware attack. Ransomware attacks are always unacceptable -- but when they target critical infrastructure, we will spare no effort in our response," Deputy Attorney General Lisa Monaco said at a news conference.
"Today, we turned the tables on DarkSide," she said. "By going after the entire ecosystem that fuels ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency, we will continue to use all of our tools, and all of our resources to increase the cost and the consequences of ransomware attacks and other cyber-enabled attacks."
The Colonial Pipeline hack was carried out by DarkSide actors, the FBI said in a brief statement days after the attack.
At the time of the attack, President Joe Biden said the hackers were based in Russia, but were not part of the Russian government.
Colonial transports approximately 45% of all fuel consumed on the East Coast. The company was up and running within days, but the slowdown meant delays still remained in the aftermath of the attack.
In May, the company admitted it paid million ransom in Bitcoin cryptocurrency.
"We needed to do everything in our power to restart the system quickly and safely. The decision was made to pay the ransom," the company said. "This decision was not made lightly, however, one that had to be made. Tens of millions of Americans rely on Colonial -- hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public. Our focus remains on continued operations to safely deliver refined products to communities we serve."
The company's CEO said last month in an interview that he authorized a payment of $4.3 million to the DarkSide group only hours after the company learned of the attack because executives were not sure how long it might take to bring the pipeline back on.
The full amount of the seizure from DarkSide, DOJ officials said Monday, was 63.7 bitcoins valued at approximately $2.3 million.
News of the seizure was first reported by CNN.
Seizure Warrant by ABC News Politics on Scribd
Asked by ABC News whether the seizure would really operate as a deterrent for other hacking groups given it only amounts to roughly half of what Colonial paid in ransom and, given the group operates out of Russia, will not likely face criminal consequences for the attack -- Monaco said she "wouldn't get ahead of the investigative efforts and full consequences associated with the ongoing investigation."
"The message today is we will bring all of our tools to bear, to go after these criminal networks, including the ecosystem and the illicit and the abuse, frankly, of the online infrastructure that they use in terms of the digital currency to perpetrate these schemes," she said.
Monaco also used Monday's announcement to urge companies to take preemptive action.
"In this heightened threat landscape, we all have a role to play in keeping our nation safe. No organization is immune. So today I want to emphasize to leaders of corporations and communities alike, the threat of severe ransomware attacks pose a clear and present danger to your organization, to your company, to your customers, to your shareholders, and to your long-term success," she warned.
"So pay attention now. Invest resources now. Failure to do so could be the difference between being secure now, or a victim later," she said.
In an effort to get more cooperation from companies, the Department of Homeland Security announced shortly after Colonial Pipeline was hacked that it will mandate that all pipeline companies report a cyber incident hours after it happens.
The directive came from the Transportation Security Administration, an arm of DHS known for protecting the skies that also oversees pipeline security.
Companies will be mandated to report pipeline-related cyberattacks to the Cybersecurity and Infrastructure Security Administration within 12 hours of the breach; put in place a 24/7 cyber coordinator who can respond to incidents and coordinate with the TSA; and fix the breached pipeline within 30 days and outline a plan to proceed.