US pipeline firm ceases operations after cyber assault – WISH-TV | Indianapolis Information | Indiana climate
WASHINGTON (AP) – A US energy company said a cyberattack forced it to temporarily suspend operations on a large pipeline that supplies around 45% of all fuel consumed on the east coast.
Colonial Pipeline said the attack took place on Friday and also affected some of its information technology systems. The company transports gasoline, diesel, jet fuel and heating oil from refineries located primarily on the Gulf Coast via pipelines from Texas to New Jersey.
The Alpharetta, Georgia-based company said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and has also reached out to law enforcement and federal agencies. While there have long been fears that U.S. adversaries could disrupt American utility companies, ransomware attacks by criminal syndicates are far more common and have increased dramatically in recent times.
In a statement late Friday, Colonial Pipeline said it had “taken steps to understand and resolve this issue” and focused primarily on “the safe and efficient restoration of our service and our efforts to return to normal operations.” . It said it was “working diligently to address this issue and to minimize disruption to our customers and those who depend on Colonial Pipeline.”
Oil analyst Andy Lipow said the impact of the attack on fuel supplies and prices will depend on how long the pipeline is down. A day or two of downtime would be minimal, he said, but a five or six day downtime could create bottlenecks and price hikes, especially in an area from central Alabama to Washington, DC.
Lipow said a major concern about an extended delay is the supply of jet fuel necessary to operate large airports like those in Atlanta and Charlotte, North Carolina.
The exact nature of the attack was unclear, including who started it and the reasons for the attack. A Colonial Pipeline spokeswoman declined to say whether the company received a ransom note, as is common in cybercriminal attacks.
Robert Lee of Dragos, Inc., a leading expert on industrial control systems, said everything points to a ransomware attack.
“How long they’ll be down depends on how far and wide this is,” he said. The pipeline could be operational again relatively quickly if only IT systems are affected and Colonial is well prepared. But if the network that directly controls the pipeline functions is affected, it could take days, he said.
“It would not be inappropriate for an extended period of time, say a week, for outages to occur when they impacted the operational side. We just don’t know that yet, ”said Lee.
Ransomware uses encryption to encrypt the data of a victim organization. The criminals leave ransom payment negotiation instructions on infected computers and provide software decryption keys after payment.
Mike Chapple, professor of IT, analytics and operations teaching at Mendoza College of Business at Notre Dame University and a former computer scientist with the National Security Agency, said systems that control pipelines should not be connected to the internet and be vulnerable to cyber intrusion.
“The attacks were extremely sophisticated and could break down some pretty sophisticated security checkpoints or the right level of security checkpoints did not exist,” said Chapple.
Brian Bethune, professor of applied economics at Boston College, also said the impact on consumer prices should be short-lived as long as the shutdown doesn’t last more than a week or two. “But it’s an indication of how vulnerable our infrastructure is to these types of cyberattacks,” he said.
Bethune noted the shutdown comes at a time when energy prices have already risen as the economy continues to open as pandemic restrictions are lifted. According to the AAA Auto Club, the national average for a gallon of regular gasoline has increased four cents since Monday to $ 2.94.
Colonial Pipeline said it carries more than 100 million gallons of fuel daily through a pipeline system that extends for more than 5,500 miles.
The FBI and the White House National Security Council did not immediately return comments. The federal agency for cybersecurity infrastructure and security referred questions about the incident to the company.
A hacker’s failed attempt to poison the water supply of a small Florida town raised alarms about how vulnerable the country’s critical infrastructure could be to attacks by more sophisticated intruders.
Anne Neuberger, the Biden government’s assistant national security advisor on cybersecurity and emerging technologies, said in an interview with The Associated Press in April that the government is making renewed efforts to help electricity utilities, water districts and other critical industries protect themselves from potentially harmful cyberattacks help. She said the goal is to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity.
Since then, the White House has announced a 100-day initiative aimed at protecting the country’s electricity system from cyberattacks by encouraging power plant and utility owners and operators to improve their skills in identifying cyber threats to their grids. It contains concrete milestones for the use of technologies so that you can recognize and react to interventions in real time. The Justice Department also announced a new task force dedicated to combating ransomware attacks, which involves confiscating data from hackers who demand payment from victims in order to release it.
Suderman reported from Richmond, Virginia. AP Economics Writer Martin Crutsinger and Technology Writer Frank Bajak contributed to this.