US authorities announced Monday that they had recovered most of the ransom paid to hackers by Colonial Pipeline to restart its pipeline network.

“The Justice Department has located and recovered most of the ransom,” Assistant Attorney General Lisa Monaco said at a news conference.

The Colonial group, which transports 45% of the fuel consumed on the east coast of the United States, was the victim on May 7 of a ransomware, a program that takes advantage of security flaws to encrypt computer systems and demand a ransom for unlock them.

The US police accused the DarkSide network, which emerged last year and suspected of having ties to Russia, of being behind the attack.

The attack forced Colonial to suspend all its operations, something that had never happened.

The group’s boss, Joseph Blount, admitted to authorizing the payment of a ransom of 75 bitcoins, then equivalent to $ 4.4 million, to hackers after the May attack.

Authorities were able to trace the financial transfers and identify 63.7 of those bitcoins, which were seized on Monday, the Justice Department said in a statement. The sum recovered by the Department of Justice is equivalent to 2.3 million dollars this Monday.

Blount, thanked the FBI for “quick work and professionalism” and said the company contacted the agency “discreetly and quickly” as soon as it detected the attack on May 7.

“Holding cybercriminals accountable and breaking the ecosystem that allows them to operate is the best way to deter and defend against further attacks,” he added.

It is very rare for ransom payments made by businesses to be recovered.

Lisa Monaco hopes that the Colonial Pipeline example will encourage companies that have been the victims of such attacks to quickly contact the authorities.

Even if there are no “guarantees”, “we can do what we have done today and deprive criminals of the benefits they expected,” he said.

Since the attack on the pipeline system, which caused a gasoline shortage in parts of the eastern part of the country, US authorities have stepped up their fight against cybercriminals.

President Joe Biden issued an executive order requiring companies to report cybersecurity breaches. The Justice Department has asked the country’s prosecutors to immediately communicate any information about this type of attack to a new specialized unit.

