A cyberattack took down the main pipeline that carries gasoline from the Gulf Coast to the US East Coast on Friday. It remained shut on Monday, raising concerns about the vulnerability of critical systems to hacking.
Colonial Pipeline, which operates pipes that carry refined petroleum products like gas and diesel for cars and trucks, jet fuel, heating oil for homes and fuel for the military, said in a statement that it’s taken “certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
On Monday, the company said in a statement that it’s aiming for “substantially restoring operational service by the end of the week.”
If the disruption doesn’t last beyond a few more days, it likely won’t cause many problems because local supplies typically get replenished via the pipeline about once a week. The Wall Street Journal compared the situation to pipeline shutdowns that occur during hurricanes. On Sunday, the US government relaxed rules on fuel being transported by road.
The shutdown does increase alarm about cyberattacks on key infrastructure systems. It’s unclear whether criminal hackers or a nation-state is behind the attack, the Journal reported. Colonial said it has contacted “law enforcement and other federal agencies” and engaged a “leading, third-party cybersecurity firm” to investigate.
The FBI blamed a group calling itself DarkSide for the ransomware attack, Reuters reported Monday. In ransomware schemes, attackers use code to seize control of a computer system and then demand money to unlock it. The worldwide WannaCry ransomware attacks in 2017, for instance, locked up computer systems at hospitals, banks and phone companies.
Assaults like the one on Colonial also worry observers concerned about cyberwarfare tactics such as Russia’s shutdown of part of Ukraine’s power grid in 2015 and reports that a Russian government-sponsored group called Dragonfly or Energetic Bear gained access to control rooms of US electric utilities in 2017. The US military has also reportedly aimed cyberattacks at Russia’s electrical grid and Iran’s missile systems.
More recently, fears about Russian cyberespionage were stoked by the massive SolarWinds hack, which used tainted software from the IT management company to penetrate multiple US federal agencies and at least 100 private companies. In April, US President Joe Biden signed an executive order imposing a range of retaliatory measures against Russia in the SolarWinds exploits.
Colonial connects refineries in the Gulf Coast and elsewhere with customers in the Southern and Eastern United States. Its pipeline system covers more than 5,500 miles and carries more than 100 million gallons of fuel per day, making it the biggest refined products pipeline in the US, according to the company.