Ransomware attack takes down US’ largest fuel pipeline

A ransomware cyber attack took down the U.S.’ largest fuel pipeline operator on Friday and as of today, the company’s operations are reportedly still largely offline.

Georgia-based Colonial Pipeline says that it transports approximately 45% of all fuel consumed on the East Coast.

“This is as close as you can get to the jugular of infrastructure in the United States,” Amy Myers Jaffe, research professor and managing director of the Climate Policy Lab, told Reuters. “It’s not a major pipeline. It’s the pipeline.”

That a cyber attack has taken down such a critical piece of U.S. infrastructure “underscores the threat that ransomware poses to organizations regardless of size or sector,” said Eric Goldstein, executive assistant director of the cybersecurity division at CISA, in a comment to Reuters.

Bloomberg reported that the suspected hackers belong to a group known as Darkside, which targets private companies from English-speaking countries, and that they are believed to have stolen nearly 100 gigabits of data in two hours last Thursday, and then locked down Colonial’s computers and demanded ransom. Colonial was reportedly threatened with a two-pronged “double-extortion” scheme: that some of its stolen data would be published on the internet, and that the information on the infected computers inside the company’s network would remain inaccessible unless Colonial paid the hackers.

A recent cybersecurity report from Keysight Technologies noted that hackers are increasingly combining demands for money with threats to release data, particularly data that will trigger regulatory penalties if it is published.

Colonial has said publicly that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.” In a statement issued Sunday evening, the company said that its operations team is “developing a system restart plan.” Its multiple main lines remained offline, although it said that some of its smaller, lateral lines to delivery points had begun to operate. “We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so,” Colonial added.

CNBC reported Monday that Colonial’s operations have yet to be restored. Based on published press reports, it is unclear how long the pipeline will remain offline; an outage of more than a few days could cause substantial disruption.

According to Colonial’s website, it transports 100 million gallons of refined fuel products a day from the Gulf Coast to markets in the Southern and Eastern U.S., with a pipeline system that spans more than 5,500 miles and includes more than 280 facilities; it says it uses “computerized technology” for constant monitoring of pressures, valve positions and the operating status of its pumps.

ABOUT AUTHOR

Kelly Hill
Kelly reports on network test and measurement, as well as the use of big data and analytics. She first covered the wireless industry for RCR Wireless News in 2005, focusing on carriers and mobile virtual network operators, then took a few years’ hiatus and returned to RCR Wireless News to write about heterogeneous networks and network infrastructure. Kelly is an Ohio native with a master’s degree in journalism from the University of California, Berkeley, where she focused on science writing and multimedia. She has written for the San Francisco Chronicle, The Oregonian and The Canton Repository. Follow her on Twitter: @khillrcr