Colonial Pipeline: Everything we know about cyberattack threatening US energy supplies

<p>Colonial Pipeline has shut down operations since Friday due to a ransomware attack on its operator  </p> (AP2008)

Colonial Pipeline has shut down operations since Friday due to a ransomware attack on its operator


The United States’ largest pipeline has been shut down for the last three days after being hit with a cyber attack, forcing the Biden administration to invoke emergency powers amid an “all-hands-on-deck” effort to ensure no fuel shortages occur.

Experts have said gas prices would likely not be impacted if the Georgia-based Colonial Pipeline, which runs along the East Coast, comes back online in the next few days.

But the cybersecurity attack was the worst assault to date against US critical infrastructure. The incident underscores serious vulnerabilities within US infrastructure that leaves it at risk to ransomware attacks. The private sector owns a majority of the nation’s nondefence infrastructure.

The pipeline carries gasoline and other fuel between Texas and Northeastern states, delivering roughly 45 per cent of the fuel used on the East Coast, according to Colonial Pipeline.

The operator of Colonial Pipeline was hit with the ransomware attack on Friday, forcing it to shut down all pipeline operations. A Russian criminal group called DarkSide was reported as the possible group behind the attack.

On Sunday, Colonial Pipeline said it was developing a restart plan and has already made smaller lines operational.

The Department of Transportation was forced to step in and issue an emergency declaration to relax regulations for drivers carrying gasoline and other fuel products on the East Coast. This relaxation would give drivers more flexibility amid the pipeline outage.

Who is responsible for the cyberattack?

Colonial Pipeline reported what they described as a ransomware attack on their operator on Friday – which often involves hackers locking up computer systems by encrypting data and paralysing networks before they then ask for a large ransom to unscramble it.

The company said on Sunday its IT system was working to actively restore the operator and will “bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” according to a statement.

It was not revealed if money was demanded or who made the demand in the cyberattack, but DarkSide has been named as likely being responsible for the attack.

DarkSide, a Russia-based ransomware group, was among several criminal gangs responsible for costing Western nations tens of billions of dollars in the last three years.

The group claims to only target large corporations that are not related to medical, educational, or government entities. A portion of the money earned by the group during these ransomware attacks are then donated to charities, DarkSide claims.

What will be the impact on states and gasoline prices?

Timing will be crucial in determining the full potential impact of the Colonial Pipeline closure on states and their access to gasoline and other fuel. The pipeline system spans more than 5,500 miles, transporting more than 100 million gallons a day.

If the company can restore portions of its pipeline by Wednesday, then the United States would likely experience little to no long-term impact of the ransomware attack.

Experts have warned gas prices could rise if the outage extends multiple weeks, but this cyberattack might not have the full impact it could’ve due to the coronavirus pandemic.

Demand for fuel was already low amid the pandemic, leaving storage facilities well stocked with excess supply. In the coming months, though, travel restrictions will likely further relax, encouraging residents to resume holiday travel and driving. Another cyberattack in the coming months could have a larger impact on the gasoline industry.

If the shutdown continues, southern states will be the first to experience higher gasoline prices, given the region relies most heavily on the pipeline system’s supply.

“The existence of plentiful gasoline inventories does limit the impact of this attack for now, although the issue could become more pressing with each day that passes without a resolution,” said Joshua Mahony, senior market analyst at IG, in a note to clients.

On Monday, oil and gasoline futures climbed due to concerns of what the lasting impact might be of the cybersecurity attack if it were to last longer.

What happens next?

Colonial Pipeline’s last update to the public was on Sunday, when the company revealed in a statement that it was “actively in the process of restoring” the system following the attack.

The company said it would continue to work with law enforcement and other federal agencies, including the Department of Energy, in addressing the problem and restoring the system. But the timeline for when full services to the pipeline could be restored remained unknown on Monday.

The Independent has contacted Colonial Pipeline for a comment.

Gina Raimondo, the US secretary of commerce, said on Sunday that ransomware attacks were “what businesses now have to worry about”, encouraging them to improve their security to avoid future problems.

Ms Raimondo said addressing ransomware attacks was a top priority under the Biden administration, and she would be working “very vigorously” with homeland security officials on the issue.

“Unfortunately, these sorts of attacks are becoming more frequent,” she said on CBS’s Face the Nation. “We have to work in partnership with business to secure networks to defend ourselves against these attacks.”

Companies have been warned that those who were not actively investing in updated security will be at risk for future catastrophe.

Read More

Michelle Obama says she's banning anyone not vaccinated from coming close to her family

Albania prime minister set on firing the country’s president

‘She knows how to win!’ Trump endorses Elise Stefanik to replace Liz Cheney