Major U.S. pipeline halts after ransomware attack – fr

WASHINGTON (AP) – The federal government is working with the Georgia-based company that closed a major fuel pipeline on the East Coast after a ransomware attack, says the White House.

The government is planning various scenarios and is working with state and local authorities on measures to alleviate any potential supply issues, officials said on Saturday. The attack is unlikely to affect gasoline supply and prices unless it results in an extended shutdown, experts said.

Colonial Pipeline did not say what was requested or who requested it. Ransomware attacks are usually carried out by criminal hackers who scramble data, cripple victim networks, and demand a large payment to decrypt them.

The attack on the company, which claims to provide roughly 45% of the fuel consumed on the East Coast, once again highlights the vulnerabilities of critical infrastructure in the face of damaging cyber attacks that threaten to hamper operations. This presents a new challenge for an administration still grappling with its response to major hacks from months ago, including a massive breach of government agencies and businesses for which the United States sanctioned Russia last month.

In this case, Colonial Pipeline said the ransomware attack on Friday affected some of its computer systems and that the company acted “proactively” to take some systems offline, disrupting pipeline operations. In an earlier statement, it said it was “taking steps to understand and resolve this issue” with a view to returning to normal operations.

The Alpharetta, Ga.-based company transports gasoline, diesel, jet fuel and heating oil from refineries on the Gulf Coast through pipelines from Texas to New Jersey. Its pipeline network spans more than 5,500 miles, transporting more than 100 million gallons per day.

Private cybersecurity firm FireEye said it was hired to handle the incident response investigation.

Oil analyst Andy Lipow said the impact of the attack on supplies and fuel prices depends on the length of the pipeline shutdown. The impact of a one- or two-day outage would be minimal, he said, but a five- or six-day outage could lead to shortages and price hikes, especially in an area stretching from central Alabama to the Washington, DC area.

Lipow said a major concern over an extended delay would be the supply of jet fuel needed to keep major airports operating, such as those in Atlanta and Charlotte, North Carolina.

A leading expert in industrial control systems, Dragos CEO Robert Lee, said systems such as those that directly manage pipeline operations have increasingly been connected to computer networks over the last decade.

But critical infrastructure companies in the energy and power sectors also tend to invest more in cybersecurity than other sectors. If the Colonial shutdown was primarily preventative – and it detected the ransomware attack early and was well prepared – the impact might not be great, Lee said.

While there have long been fears that US adversaries could disrupt US energy providers, ransomware attacks by criminal syndicates are much more common and have exploded in recent times. The Department of Justice has a new task force dedicated to combating ransomware attacks.

The attack “underscores the threat that ransomware poses to organizations regardless of size or industry,” said Eric Goldstein, executive deputy director of the cybersecurity division of the Federal Cybersecurity and Security Agency.

“We encourage every organization to take steps to strengthen its cybersecurity posture to reduce its exposure to these types of threats,” Goldstein said in a statement.

Ransomware scrambles the data of a victim organization with encryption. Criminals leave instructions on infected computers on how to negotiate ransom payments and, once paid, provide software decryption keys.

The attacks, mainly by criminal syndicates operating out of Russia and other safe havens, reached epidemic proportions last year, costing tens of billions of dollars to hospitals, medical researchers, private companies, local governments and schools. Biden administration officials warn of a threat to national security, especially after criminals began stealing data before scrambling victim networks and said they would expose it online unless a ransom is paid.

The average ransom paid in the United States nearly tripled to over $310,000 last year. Average downtime for victims of ransomware attacks is 21 days, according to Coveware, which helps victims respond.

US law enforcement officials claim that some of these criminals have worked with the Russian security services and that the Kremlin benefits from the damage done to the economies of its opponents. These transactions can also provide cover for intelligence gathering.

“Ransomware is the most common disruptive event that organizations see today that would force them to shut down to prevent the spread,” said Dave White, president of cybersecurity firm Axio.

Mike Chapple, professor of computer science, analysis and operations at the Mendoza College of Business at the University of Notre Dame and a former computer scientist with the National Security Agency, said pipeline control systems should not be connected to the Internet and vulnerable to cyber intrusions.

“The attacks were extremely sophisticated and they were able to overcome some fairly sophisticated security controls, or the right level of security controls were not in place,” Chapple said.

Brian Bethune, professor of applied economics at Boston College, also said the impact on consumer prices is expected to be short-lived as long as the shutdown lasts no longer than a week or two. “But it shows how vulnerable our infrastructure is to these types of cyber attacks,” he said.

Bethune noted that the shutdown comes at a time when energy prices have already risen as the economy reopens further with the lifting of pandemic restrictions. According to the AAA Automobile Club, the national average for a gallon of regular gasoline has risen 4 cents since Monday to $2.94.

Anne Neuberger, the Biden administration’s deputy national security adviser for cybersecurity and emerging technologies, said in an interview with The Associated Press in April that the government is embarking on a new effort to help electric utilities, water districts and other critical industries to protect against potentially damaging cyber attacks. She said the goal was to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity.

Since then, the White House has announced a 100-day initiative to protect the country’s power system from cyber attacks by encouraging owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats on their networks. It includes concrete milestones for them to implement technologies so they can spot and respond to intrusions in real time.


Suderman reported from Richmond, Virginia. Associated Press editors Frank Bajak in Boston and Martin Crutsinger and Michael Balsamo in Washington contributed to this report.

