Colonial Pipeline: Everything we know about cyberattack threatening US energy supplies

Colonial Pipeline says it’s ‘actively in the process of restoring’ the pipeline system

Danielle Zoellner
New York
@dani__zoellner
Tuesday 11 May 2021 16:50
comments

FBI names DarkSide as the ransomware group responsible for the cyberattack

Leer en Español

The United States’ largest pipeline has been shut down for the last five days after being hit with a cyberattack, encouraging the Biden administration to invoke emergency powers amid an “all-hands-on-deck” effort to ensure no fuel shortages occur.

The operator of Colonial Pipeline was hit with the ransomware attack on Friday, forcing it to shut down all pipeline operations. A Russian criminal group called DarkSide was named by the FBI as the group behind the attack.

The cybersecurity attack was the worst assault to date against US critical infrastructure and underscores serious vulnerabilities within US infrastructure that leaves it at risk to ransomware strikes. A majority of the nation’s non-defence infrastructure is owned by the private sector.

Officials are currently working to restore system operations to the pipeline, with experts expecting no long-term impact if it comes back online in the next few days. But states in the US Southeast were already reporting gasoline shortages and higher prices amid the shutdown.

The pipeline carries gasoline and other fuel between Texas and Northeastern states, delivering roughly 45 per cent of the fuel used on the East Coast, according to Colonial Pipeline.

On Monday, Colonial Pipeline said it was developing a restart plan and has already made smaller lines operational. The company anticipated portions of the pipeline to be restored by the end of the week.

The Department of Transportation issued an emergency declaration on Sunday to relax regulations for drivers carrying gasoline and other fuel products on the East Coast. This relaxation would give drivers more flexibility amid the pipeline outage.

Who is responsible for the cyberattack?

Colonial Pipeline on Friday reported what they described as a ransomware attack on their operator – which often involves hackers locking up computer systems by encrypting data and paralysing networks before they then ask for a large ransom to unscramble it.

The company said on Sunday its IT system was working to actively restore the operator and will “bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” according to a statement.

It was not revealed if money was demanded or if Colonial Pipeline paid any ransom, but DarkSide has been named as being responsible for the attack.

“The FBI confirms that the DarkSide ransomware is responsible for the compromise to the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation,” the FBI said in a statement released Monday.

DarkSide, a Russia-based ransomware group, was among several criminal gangs responsible for costing Western nations tens of billions of dollars in the last three years.

The group claims to only target large corporations that are not related to medical, educational, or government entities. A portion of the money earned by the group during these ransomware attacks are then donated to charities, DarkSide claims.

What will be the impact on states and gasoline prices?

Timing will be crucial in determining the full potential impact of the Colonial Pipeline closure on states and their access to gasoline and other fuel. The pipeline system spans 5,500 miles, transporting more than 100 million gallons a day between Texas and New Jersey.

If the company can restore portions of its pipeline by Wednesday, then the US will likely experience little to no long-term impact of the ransomware attack.

But gas stations across the Southeast have already reported running out of fuel amid the pipeline closure.

As of Tuesday morning, 7.6 per cent of Virginia, 4.8 per cent of North Carolina, 3.3 per cent of Georgia, and 2.4 per cent of Florida gas stations were all out of fuel, according to data compiled by GasBuddy.

Gas prices were also on the rise due to the anticipated shortage. The national average jumped six cents this week to $2.96, an average the country hasn’t witnessed since 2014.

Panic buying has likely led to shortages at fuel stations and price hikes across the East Coast, given the US currently has a surplus of gasoline and oil supply due to the coronavirus pandemic.

Demand for fuel was low amid the pandemic, leaving storage facilities well stocked with excess supply. In the coming months, though, travel restrictions will likely further relax, encouraging residents to resume holiday travel and driving. If the pipeline shutdown happened months into the summer, the impact would’ve been far greater.

“The existence of plentiful gasoline inventories does limit the impact of this attack for now, although the issue could become more pressing with each day that passes without a resolution,” said Joshua Mahony, senior market analyst at IG, in a note to clients.

In response to the shutdown, North Carolina Governor Roy Cooper declared a state of emergency on Monday to ensure that the state maintains its steady gasoline supply. Georgia Governor Brian Kemp also suspended the state’s gas sales tax temporarily.

“If the interruption persists, we will see more regional impacts than nation-wide, in terms of supply and prices. The south/southeast (Maryland to Mississippi to Georgia), will likely see gas prices increase first,” the AAA said in a statement to Reuters.

“The shorter the pipeline shutdown, the better news for motorists.”

What happens next?

Colonial Pipeline released a statement on Monday to update the public on the status of restoring full service to the system.

“Segments of our pipeline are being brought back online in a stepwise fashion, in compliance with relevant federal regulations and in close consultation with the Department of Energy, which is leading and coordinating the Federal Government’s response,” the company said.

The company’s operations team is “executing a plan that involves an incremental process that will facilitate a return to service in a phased approach” with “the goal of substantially restoring operational service by the end of the week,” according to the statement.

The Independent contacted Colonial Pipeline for a further comment on the situation and was referred to the Monday statement.

Gina Raimondo, the US secretary of commerce, said on Sunday that ransomware attacks were “what businesses now have to worry about”, encouraging them to improve their security to avoid future problems.

Ms Raimondo said addressing ransomware attacks was a top priority under the Biden administration, and she would be working “very vigorously” with homeland security officials on the issue.

“Unfortunately, these sorts of attacks are becoming more frequent,” she said on CBS’s Face the Nation. “We have to work in partnership with business to secure networks to defend ourselves against these attacks.”

Companies have been warned that those who were not actively investing in updated security will be at risk for future catastrophe.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments