A crippling cyberattack has forced the shutdown of our nation’s largest pipeline, which delivers fuel to nearly half the East Coast, resulting in motorists’ concern for prices at the pump.
A Russian criminal group, known as DarkSide, may be responsible for a ransomware attack that shut down a major U.S. fuel pipeline on Saturday.
Commerce Secretary Gina Raimondo said that the White House was working to help Colonial Pipeline, the Georgia-based company that operates the pipeline, to restart its 5,500-mile network.
The pipeline system runs from Texas to New Jersey and transports 45 percent of the East Coast’s fuel supply. In a statement from Colonial Pipeline Sunday, the company said that some smaller lateral lines were operational but that the main lines remained down.
“We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” the company said.
“We are working closely with the company, state and local officials to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply,” Raimondo said, adding: “Unfortunately, these sorts of attacks are becoming more frequent. They’re here to stay.”
A White House official said Sunday that the Energy Department is leading the government’s response. Agencies are planning for a number of scenarios in which the region’s fuel supply takes a hit, the official said.
Colonial Pipeline blamed the cyberattack on ransomware and said some of its information technology systems were affected. It said it “proactively” took “certain systems offline to contain the threat.”
The company has not released what was demanded.
Although Russian hackers often work for the Kremlin, early indications suggest that this was a criminal scheme — not an attack by a nation-state — the sources said.
Experts weigh in on the fact that Colonial had to shut down the country’s largest gasoline pipeline underscores just how vulnerable the U.S. cyber infrastructure is to criminals and national adversaries, such as Russia, China and Iran.
According to a top cybersecurity reporter, DarkSide has a website on the dark web that features an array of leaked data from victims who it claims failed to pay a ransom. It claims that the group has made millions from cyber extortion.