In May 2021 hackers initiated a cyberattack against Colonial Pipeline Co., the company behind the US’s largest gasoline pipeline. It was the kind of incident American officials had feared for years. Colonial was forced to halt operations for six days, which led to panic buying, shortages, and an increase in the price of gas. The company paid the hackers a ransom of 75 Bitcoin, worth about $4.4 million at the time.
About a month later, the US Department of Justice announced it had reclaimed almost all the Bitcoin. Criminals favor cryptocurrencies in part because they’re supposedly hard to trace, but the FBI had tracked the ransom Colonial paid to an address tied to DarkSide, a Russia-linked cybercrime group associated with the attackers, and swooped in to seize it. It was a breakthrough in the fight against cyberextortion, signaling that US law enforcement could get to assets held by attackers who operate far outside the country. “There is no place beyond the reach of the FBI,” Deputy Director Paul Abbate said in a statement.