Colonial Pipeline has recovered from the ransomware attack it suffered less than a week ago. It expects all its infrastructure to be fully operational by 13th March 2021.
The company has brought almost all of its pipeline systems back online and is now delivering petroleum products to the market.
Colonial Pipeline is one of the largest pipelines in the U.S. and is responsible for supplying a major chunk of oil to the East Coast.
The U.S. Department of Transportation’s Federal Motor Carrier Safety Administration (FMCSA) declared a state of emergency in 18 states after the company shut down its operations due to the ransomware attack. Multiple media reports suggest that the shortage caused by the Colonial Pipeline outage may have spiked gas prices.
The image below shows Colonial Pipeline's resumption of operations.
The DarkSide ransomware gang was identified as having targeted Colonial Pipeline's operations. Considering the experience of the attackers, the size of the company, and its importance in the U.S., restoring operations this quickly would suggest that Colonial Pipeline paid the attackers for the decryption key and to not leak stolen data.
Doubts on Ransom payment
Bloomberg today reports that Colonial Pipeline paid the hackers almost $5 million in cryptocurrency to get a decryption key and restore its systems. Because the tool was too slow, the company used its backups to restore the systems.
While this move would explain the fast restoration of operations, CNN reports that Colonial Pipeline’s quick recovery was possible after retrieving “the most important data” from intermediary servers in the U.S. that the attackers used to store stolen info.