One of the largest fuel pipeline operators in the United States shut down its entire network after a ransomware attack. The attack on Colonial Pipeline, which operates the country’s largest gas pipeline, has brought to the fore how critical infrastructure is facing increasing threats from increasingly sophisticated hackers. Colonial, which transports nearly half of the gasoline, diesel and jet fuel to the East Coast and has a capacity of about 2.5 million barrels per day, hired a cybersecurity firm to investigate what s ‘has happened as she struggles to reestablish her operations. The company said it had decided to take “some systems offline to contain the threat, which temporarily halted all pipeline operations and affected some of our IT systems.”
“It was not a minor target,” Amy Myers Jaffe, an energy expert, told Politico. “Colonial Pipeline is ultimately the jugular of the American pipeline system. This is the largest and most successful attack on energy infrastructure that we know of in the United States. We are lucky if there are no consequences, but it is a definite wake-up call. Colonial did not say how long its pipelines would be closed. Depending on its duration, the shutdown could lead to higher fuel prices. Experts say consumers will start to see prices at the pump rise if the shutdown lasts longer than three days.
Government sources and cybersecurity experts say it appears Eastern European criminal gang DarkSide is responsible for the attack. Ransomware attacks typically involve hackers encrypting data and demanding a large payment to unlock it again. DarkSide in particular is known to follow the “double extortion” playbook in which it not only encrypts data, but also threatens to release it to the public if the ransom is not paid. DarkSide is also known to “selectively avoid targets in post-Soviet states,” Reuters notes.
The attack provides a key test for the White House and how President Joe Biden will choose to respond to cyber attacks on critical infrastructure. Some lawmakers have already said this demonstrates how the United States is not prepared to deal with these growing threats. “There is obviously a lot to learn about how this attack happened, but we can be sure of two things: this is a play that will be performed again, and we are not sufficiently prepared,” said the Senator Ben Sasse of Nebraska in a statement. “If Congress is serious about an infrastructure package, the forefront should be the hardening of these critical sectors – rather than progressive wishlists disguised as infrastructure.” Experts say these types of attacks are more common than what is publicly known.