[Gloria Gonzalez and Ben Lefebvre] The main fuel supply line to the U.S. East Coast was shut down on Friday after the pipeline’s operator was hit by what is believed to be the largest successful cyberattack on oil infrastructure in the country’s history.
The attack on the Colonial Pipeline, which runs 5,500 miles and provides nearly half the fuel used on the East Coast, affected some of the company’s IT systems. Colonial said it has engaged a third-party cybersecurity firm to investigate the incident, which it confirmed was a ransomware attack, and has contacted law enforcement and other federal agencies.
The attack presents a major test for how the Biden administration will respond to cyber attacks on critical infrastructure at a time when hackers are increasingly targeting essential utility services. The outage, depending on its duration and who is found to be behind it, could send fuel prices in the southeastern U.S. above $3 a gallon, market analysts said.
“This was not a minor target,” said Amy Myers Jaffe, a long-time energy researcher and author of Energy’s Digital Future. “Colonial Pipeline is ultimately the jugular of the US pipeline system. It’s the most significant, successful attack on energy infrastructure we know of in the United States. We’re lucky if there are no consequences, but it’s a definite alarm bell.”
The Cybersecurity and Infrastructure Security Agency believes that the intrusion is the work of the criminal ransomware gang known as Darkside and not a nation-state, according to a security researcher who requested anonymity to speak freely. CISA did not immediately respond to a request for comment.
Sen. Ben Sasse (R-Neb.) said the attack is the latest indication that the government isn’t ready for potentially debilitating cyber strikes.
“There’s obviously much still to learn about how this attack happened, but we can be sure of two things: This is a play that will be run again, and we’re not adequately prepared,” Sasse said in a statement. “If Congress is serious about an infrastructure package, at front and center should be the hardening of these critical sectors — rather than progressive wishlists masquerading as infrastructure.”
Fuel imports into New York Harbor should cushion the blow for drivers in Baltimore and places north, market analysts said. But if Colonial remains down past the start of this coming week, drivers could begin to hoard fuel and prices will rise dramatically even before the normal start of the summer driving season, when prices normally increase.
“Colonial delivers products to terminals every five days,” said Andy Lipow, president of consulting firm Lipow Oil Associates. “There may be some terminals that had been depending on deliveries yesterday, today or tomorrow that will be immediately affected. But on a widespread basis, in four to five days you’ll see signs of impact, especially when consumers get wind of what’s going and start filling up their cars.”
Colonial said it is working to restore its service and return to normal operations. The company said in a statement that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
The security researcher said the firm Colonial hired to help with the effort is FireEye, the same company that last year discovered the massive SolarWinds hack on federal government agencies and about 100 companies.
The Federal Energy Regulatory Commission said it is working with other federal agencies to monitor developments on the cyberattack. The FBI and the Department of Energy could not be immediately reached for comment.
[Editor’s Note: This article was written by Gloria Gonzalez and Ben Lefebvre, and first published at Politico]