A cyberattack has taken down the main pipeline that carries gasoline to the US East Coast, the pipeline’s operator said Friday, in news that raises further alarm about how vulnerable critical systems are to hacking assaults.
Colonial Pipeline, which operates pipes that carry refined petroleum products like gas, diesel, jet fuel, home heating oil, and fuel for the military, said in a statement that it’s taken “certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
If the disruption doesn’t last beyond a few days, it likely won’t cause many problems, due to local supplies of gas that typically get replenished via the pipeline about once a week, The Wall Street Journal reported, likening the situation to pipeline shutdowns that occur during hurricanes. Still, the shutdown increases alarm about cyberattacks on key systems.
It’s unclear whether criminal hackers or a nation-state was behind the attack, the Journal reported. Colonial said it’s contacted “law enforcement and other federal agencies” and engaged a “leading, third-party cybersecurity firm” to investigate.
The attack involved ransomware, Colonial said in an updated statement Saturday. In such schemes, attackers use code to seize control of a computer system, and then they demand money to unlock it. The worldwide WannaCry ransomware attacks in 2017, for instance, locked up computer systems at hospitals, banks and phone companies.
But assaults like the one on Colonial also worry observers concerned about cyberwarfare. Warning signs of internet-based warfare have included Russia’s shutdown of part of Ukraine’s power grid in 2015, as well as reports that a Russian government-sponsored group identified as Dragonfly or Energetic Bear had been able to gain access to the control rooms of US electric utilities in 2017. The US military has also reportedly aimed cyberattacks at Russia’s electrical grid and Iran’s missile systems.
More recently, fears about cyberespionage were stoked by the massive SolarWinds hack, which used tainted software from the IT management company to penetrate multiple US federal agencies and at least 100 private companies. In April, US President Joe Biden signed an executive order imposing a range of retaliatory measures against Russia in regard to the SolarWinds exploits.
Colonial Pipeline said it’s busy trying to get systems back up and running.
“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the company said in its statement. “This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”
Colonial connects refineries in the Gulf Coast and elsewhere with customers in the Southern and Eastern United States. Its pipeline system covers more than 5,500 miles and carries more than 100 million gallons of fuel a day, making it the biggest refined products pipeline in the US, the company says.