Colonial Pipeline, the largest fuel pipeline operator in the United States, has shut down its entire network, which is the source of nearly half of the US East Coast’s fuel supply, after a cyber attack the company said was caused by ransomware.
This incident is one of the most impactful digital ransomware operations ever reported, and it has drawn attention to the extent to which the US energy infrastructure is vulnerable to hackers. The shutdown sparked fears of a rise in gasoline pump prices before the height of the summer season. Read also It increased after the killing of Soleimani .. Report: Cyber attacks on US facilities US information security experts warn: Iran’s electronic bullet may not be anticipated Sabotage or control? .. An American cyber attack on Iran It may paralyze entire countries .. Has electronic warfare raged?
Colonial transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products across 5,500 miles (8,850 km) of pipelines linking refineries on the Gulf Coast to the eastern and southern United States.
Colonial said it had shut down systems to contain the threat after learning of the attack on Friday. She said this action temporarily halted operations and affected some of its IT systems.
While the US government investigation is still in its early stages, a former official and two industry sources said the hackers are most likely a professional group of cybercriminals.
The former official said investigators are looking into a group dubbed “DarkSide”, known for spreading ransomware and extorting victims in post-Soviet countries.
Colonial said the incident involved ransomware, a type of malware designed to shut down systems by encrypting data and requiring payment to regain access to it.
Colonial said it engaged a cybersecurity company to conduct an investigation, and contacted law enforcement and federal agencies.
Sources in the cybersecurity industry said that the cybersecurity company FireEye was brought in to respond to the attack.
US government agencies said they were aware of the situation. The Energy Department said it is monitoring the potential impacts of the country’s energy supply, while the Cybersecurity and Infrastructure Security Agency and the Transportation Security Administration all told Reuters they are working to address the situation.
“We are engaged with the company and our interagency partners on the situation,” said Eric Goldstein, assistant executive director of the Cybersecurity division.
Colonel did not give further details or specify how long the pipelines would be closed. “Vulnerabilities in cybersecurity have become a systemic problem,” said Algirdi Bebekite, head of cyber strategy at the World Economic Forum’s Cyber Security Center.
“Unless cybersecurity measures are included in the technology development stage, we are likely to witness more frequent attacks on industrial systems such as oil and gas pipelines or water treatment plants,” Bebekite added.
Gasoline futures on the New York Mercantile Exchange rose 0.6% after the closing was first announced on Friday, while diesel futures rose 1.1%, both of which outpaced gains in crude oil. Gulf Coast cash prices fell for gasoline and diesel amid expectations of an accumulation of supplies in the region.
“With each passing day, its impact becomes greater and greater on the refining of Gulf Coast oil,” said Chairman of Lippo Oil Associates, a consultancy, Andrew Leibo. Refiners would have to react by reducing processing ore because they lost part of the distribution system.
A market participant told Reuters that Gulf Coast prices could double further, while prices in New York Harbor could rise, gains that could herald increases in pumps in the northeast.
“This is a big deal, and if manual overrides or backups are not available, mitigation of this incident may take longer than we would like,” said Chris Bronk, assistant professor of computer information systems at the University of Houston and a former senior advisor at the US State Department.
Ben Sassi, a Republican senator from Nebraska and a member of the Senate Select Committee on Intelligence, said the cyber attack was a warning of things to come.
“This is a play that will take place again, and we are not prepared enough,” he added, adding that lawmakers must pass an infrastructure plan that strengthens the sectors against these attacks.
The Colonial Company had previously closed gasoline production lines and distillates during Hurricane Harvey that struck the Gulf Coast in 2017. This contributed to the scarcity of supplies and the rise in gasoline prices in the United States after the hurricane forced many refineries in the Gulf to close.