The main U.S. pipeline operator, Colonial Pipeline, worked on Sunday to recover from a ransomware cyberattack that forced it to shut down on Friday and raised concerns over soaring retail gasoline prices.
Colonial said on Saturday it “continues to monitor the impact of this temporary service shutdown” and work to restore service. He did not give an estimate for a restart date.
The incident is one of the most disruptive digital ransom deals on record and prompted U.S. lawmakers to tighten protections for critical U.S. energy infrastructure from hackers.
Colonial transports 2.5 million barrels per day of gasoline and other fuels from refiners on the Gulf Coast to consumers in the mid-Atlantic and southeastern United States.
Its 8,850-kilometer network serves major US airports, including Atlanta’s Hartsfield Jackson Airport, the world’s busiest for passenger traffic.
Retail fuel experts, including the American Automobile Association, have said that a multi-day outage could have significant impacts on regional fuel supplies, especially in the southeastern United States.
While the US government investigation is in its early stages, a former US official and two industry sources said the hackers were likely a group of professional cybercriminals and that a group dubbed “DarkSide” was likely part of it. potential suspects.
DarkSide is known to deploy ransomware and extort victims while avoiding targets in post-Soviet states. Ransomware is a type of malware designed to lock down systems by encrypting data and demanding payment to regain access.
Cyber security firm FireEye was also called in to respond to the attack, according to the two industry sources. FireEye declined to comment.
Colonial said on Saturday night that he was working with a “top third-party cybersecurity company,” but did not name the company.
Bloomberg News, citing people familiar with the matter, reported on Saturday evening that the hackers were part of DarkSide and had removed nearly 100 gigabytes of data from the Colonial network on Thursday before the pipeline closed.
Colonial did not immediately respond to an email from Reuters requesting comment outside regular U.S. business hours.
President Joe Biden was briefed on the incident on Saturday morning, a White House spokesman said, adding that the government was working to help the company resume operations and prevent supply disruptions .
Another pipeline serving the same areas carries a third of what Colonial does. Any prolonged shutdown would force tankers to transport fuels from the US Gulf Coast to ports on the East Coast.
The Georgia-based private company is owned by CDPQ Colonial Partners LP, IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors LP, Koch Capital Investments Company LLC and Shell Midstream Operating LLC.
Gasoline futures and diesel futures on the New York Mercantile Exchange rose on Friday after the outage was reported. In previous colonial blackouts, retail prices rose dramatically, even briefly.
Oil refining companies contacted by Reuters on Saturday said their operations had not yet been affected. Some were monitoring developments and working to find alternative means of transportation for customers.
Our Morning Update and Evening Update newsletters are written by The Globe’s editors, giving you a concise summary of the day’s main headlines. register today.