The largest gasoline pipeline on the East Coast, and the US in general, was shut down on Friday after its operator struggled to contain a cyberattack which threatened its systems. The 5,500-mile Colonial Pipeline, which is the single largest refined-products pipeline in the United States, halted transit as the company was forced to take “certain systems offline to contain the threat, which has temporarily halted all pipeline operations,” according to The Wall Street Journal on Saturday. It’s reportedly still offline into early Saturday.
Colonial’s network is responsible for supplying fuel that originates with refiners on the Gulf Coast to most of the eastern and southern US, accounting for over 2.5 million barrels per day in gasoline, diesel, and jet fuel, or other refined products transferred, making up 45% of all the East Coast’s fuel supply. It spans from Texas through southern states and up to New Jersey.
“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the Alpharetta, Georgia-based company stated. “This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers.”
The disruption earlier in the day Friday saw Gulf Coast cash prices for gasoline and diesel push lower, though longer-term price effects will depend on just how long the lines remain shut. If the closure persists further into the weekend or even early next week, it’s very likely to send gasoline prices soaring.
The last time there was a significant shutdown of Colonial’s lines was during Hurricane Harvey in 2017, which shot spot Gulf Coast gasoline prices to a five-year high and diesel to near a four-year high.
This fresh cyberattack against vital American infrastructure has reportedly already seen federal agencies and law enforcement get involved, alongside a third-party cybersecurity firm brought in by Colonial to launch an investigation. Some of the early details of the investigation suggest a ransomware attack, which is being reported as follows:
The Washington Post reported that ransomware was used in the attack, citing two U.S. officials it didn’t identify. It wasn’t clear if the attack was carried out by foreign government hackers or a criminal group, the officials told the Post. In ransomware attacks, hackers typically encrypt an organization’s computer files and then demand a ransom payment to unlock the data.
Though there appears to be little in the way of culprits or suspected individuals or entities that may have carried out the attack at this early period of the investigation, we can expect the Biden administration to hold this up as a prime example of why its ambitious cybersecurity and power grid protection initiative is urgent and essential.
It also comes after the White House’s April 15 sanctions rollout targeting Russian officials and entities for alleged involvement in the SolarWinds hack. The need for an overhaul of cybersecurity and protections of US government and civil infrastructure networks has been a major theme of this administration, also stemming from leading Democrats quickly blaming Moscow for pretty much every hack which targets American companies or agencies for much of the past five years, despite cases often lacking any evidence as to responsible parties. The Iranians and Chinese have also increasingly been brought in alongside the Russians as prime nefarious actors in terms of cyberthreats.
However, as was recently admitted in a Wired piece on the Oldsmar, Florida water supply systems hack wherein chemicals were added to the town’s water at dangerous levels, there are also many instances of “unsophisticated” lone wolf hackers who are sometimes able to penetrate overly exposed systems.
As suspected, the Colonial Pipeline precautionary shutdown was due to ransomware. This is what I was hearing from sources as well. https://t.co/nNXocQPXYT
— Kim Zetter (@KimZetter) May 8, 2021
But there’s little doubt that in this major instance of the Colonial pipeline going offline, we can expect at any moment to hear screams of “Russians!” – even before any evidence is publicly made available, if it gets presented at all.