Cyberattack shuts down major fuel pipeline in US

Published May 10, 2021
Holding tanks are seen at Colonial Pipeline’s Charlotte tank farm in North Carolina in an undated photograph.—Reuters

ATLANTA: Top US fuel pipeline operator Colonial Pipeline worked on Sunday to recover from a ransomware cyberattack that forced it to shut down on Friday and sparked worries of a spike in retail gasoline prices.

Colonial said on Saturday it was “continuing to monitor the impact of this temporary service halt” and to work to restore service. It did not give an estimate for a restart date and declined further comment on Sunday.

The incident is one of the most disruptive digital ransom operations ever reported and has prompted calls from American lawmakers to tighten protections for critical US energy infrastructure against hackers.

Colonial moves 2.5 million barrels per day of gasoline and other fuels from refiners on the Gulf Coast to consumers in the mid-Atlantic and southeastern United States.

Its 8,850km network serves major US airports, including Atlanta’s Hartsfield Jackson Airport, the world’s busiest by passenger traffic.

Retail fuel experts including the American Automobile Association said an outage lasting several days could have significant impacts on regional fuel supplies, particularly in the US southeast.

While the US government investigation is in the early stages, a former US official and two industry sources said the hackers are likely a professional cybercriminal group and that a group dubbed “DarkSide” was among potential suspects.

DarkSide is known for deploying ransomware and extorting victims while avoiding targets in post-Soviet states. Ransomware is a type of malware designed to lock down systems by encrypting data and demanding payment to regain access.

Cybersecurity firm FireEye has also been brought in to respond to the attack, according to the two industry sources. FireEye declined to comment.

Colonial has said it was working with a “leading, third-party cybersecurity firm”, but did not name the firm.

Bloomberg News, citing people familiar with the matter, reported late on Saturday that the hackers are part of DarkSide and took nearly 100 gigabytes of data out of Colonial’s network on Thursday ahead of the pipeline shutdown.

Messages left with the DarkSide hackers were not immediately returned. The group’s dark website where hackers regularly post data about victims made no reference to Colonial Pipeline.

President Joe Biden was briefed on the cyberattack on Saturday morning, the White House said, adding that the government was working to try to help the company restore operations and prevent supply disruptions.

Another fuel pipeline serving the same regions carries a third of what Colonial does. Any prolonged outage would require tankers to transport fuels from the US Gulf Coast to East Coast ports.

The privately held, Georgia-based company is owned by CDPQ Colonial Partners LP, IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors LP, Koch Capital Investments Company LLC and Shell Midstream Operating LLC.

Gasoline futures and diesel futures on the New York Mercantile Exchange rose on Friday after the outage was reported. In previous Colonial outages, retail prices have risen substantially, if briefly.

Oil refining companies contacted on Saturday said their operations had not yet been impacted. Some were monitoring developments and working to find alternative transport for customers.

Published in Dawn, May 10th, 2021
