A ransomware attack forced one of the largest gas pipelines in the United States to shut down. The Colonial Pipeline Company manages a network of 5,500 miles of pipeline from Houston, Texas, to Linden, New Jersey, which supplies about 45% of fuel used up and down the East Coast.
"On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack. We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT systems," the company said in a statement.
The shutdown of the pipeline is not expected to have an immediate impact on the supply of gasoline or jet fuel. The pipeline transports 2.5 million barrels of refined gasoline, diesel fuel, and jet fuel each day, though most of it ends up in storage tanks due to the decreased travel demand during the coronavirus pandemic.
Colonial Pipeline did not say if it will pay the ransom or when it expects normal operations to resume.
According to Bloomberg, a hacker group known as DarkSide is responsible for the cyberattack. They reportedly stole 100 gigabytes of data from the company the day before they launched the ransomware attack. The group is relatively new but is made up of veteran cybercriminals.
"They're very new, but they're very organized," Lior Div, the chief executive of Boston-based security firm Cybereason, told Reuters. "It looks like someone who's been there, done that."
Multiple federal agencies, including the FBI, the Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency, are investigating the cyberattack.
"The federal government is working actively to assess the implications of this incident, avoid disruption to supply, and help the company restore pipeline operations as quickly as possible," a White House spokesperson said.
Photo: Getty Images