A cyber ransomware attack crippled the nation’s largest pipeline on the East Coast which now threatens to raise gas prices while exposing vulnerabilities in critical U.S. infrastructure.
Colonial Pipeline Co, which runs a 5,500-mile pipeline from Linden, N.J., to the Gulf Coast at Houston, Texas revealed in a press release Monday its four primary lines remain offline after corporate computer systems had been compromised.
“We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so,” the company said, as smaller lateral lines begin to restart operations.
A prolonged shutdown of its four main lines however, which provide gasoline and jet fuel up and down the East Coast and across the South threatens to hike prices as suppliers are forced to pursue costly alternative routes. According to Reuters, the pipeline transports more than 2.5 million barrels of fuel daily, or 45 percent of all fuel consumed on the East Coast.
No significant immediate effects were felt as travel remains suppressed amid the coronavirus pandemic, though the longer the pipeline remains out of commission, the impact will grow. The company said its goal is to begin “substantially restoring operational service by the end of the week.”
This is wild
Colonial Pipeline, which operates the largest US gasoline and diesel pipeline system, said it shut its entire network after a cyber-attack. The artery transports roughly 45% of the fuel to the East Coasthttps://t.co/VJwiiGEIRm pic.twitter.com/b9Z52d6SSp
— Stephen Stapczynski (@SStapczynski) May 8, 2021
The U.S. Department of Transportation issued an emergency declaration in response on Sunday, with regulations waived through June 8 to encourage carriers to ramp up alternative forms of fuel transport. The agency temporarily waived overtime and sleep restrictions on drivers who carry fuel between distributors and gas stations in 17 states across the South and East Coast and the District of Columbia. The U.S. is already struggling with a shortage of drivers as 20 to 25 percent of tanker trucks remain parked without qualified drivers, according to the National Tanker Truck Carriers Association.
Absent the pipeline, distributors will be forced to transport by rail, and the East Coast region could shift to European import, pumping prices higher from the foreign shipments as opposed to domestically produced energy.
The nation’s largest U.S. refinery has already shut down two crude distillation units in Texas.
“It shows you how quickly this can have ramifications and ripple effects across markets,” Dustin Carmack, a research fellow in technology policy at the Heritage Foundation told The Federalist on the effects of the pipeline disruption.
Carmack said the incident highlights how pipelines are “fundamental” to American energy infrastructure with their ability to transport vast amounts of fuel across long distances for far cheaper than conventional avenues through trucks and trains which are also more prone to accidents and spills.
A Russian cybercrime gang called DarkSide claimed credit for the attack with a statement on its website, NBC News reported. The FBI said it “confirmed” the group was behind the ransom to sack the Colonial Pipeline network in a Monday statement.
“We continue to work with the company and our government partners on the investigation,” the law enforcement agency said.
The shutdown of the vital pipeline in use since the early 1960s increases anxiety over the vulnerabilities of an aging infrastructure connected to the internet as sophisticated cyberattacks soar in the digital age. There were more than 11 “significant” cyberattacks to target major global networks in April alone, according to the Center for Strategic and International Studies (CSIS) tracker of cyber incidents.
In December, then Secretary of State Mike Pompeo accused the Kremlin of orchestrating a wide-ranged monthslong cyberattack on corporate, non-profit, local, state, and federal agencies. The cyber intrusion was discovered by the private cybersecurity firm FireEye, the same firm hired by Colonial Pipeline to assist with the ransomware attack.
Jim Lewis who serves as the senior vice president and director of the Strategic Technologies Program at CSIS told The Federalist pipelines have been particular targets vulnerable for years, but that ransomware has presented a new challenge in cyberspace going from an “annoyance to a national security threat” within the last two.
While operators of Colonial Pipeline did right thing to turn off the lines and collaborate with the federal government Lewis said, to avoid spills or damage, the episode highlights a need for companies and agencies to better prepare for sophisticated ransomware attacks.