Ransomware used in cyber attack on one of US’ largest fuel pipelines

8 May, 2021 16:58 / Updated 4 years ago

Cyber attackers who shut down one of the US’ main fuel pipelines used so-called ransomware to lock up the system. Moving 100 million gallons of fuel a day, the pipeline is a critical target.

A gasoline and diesel pipeline running the length of the US East Coast was temporarily shut down following a cyber attack on Friday. The pipeline’s operator, the Colonial Pipeline Company, released a statement on Friday night acknowledging the “cybersecurity attack” and announcing that “all pipeline operations” had been halted in response.

"We have since determined that this incident involves ransomware," the company declared in an updated statement on Saturday.

Typically deployed by cybercriminals, ransomware locks down systems by encrypting data, until the victims pay up. Reuters notes that such attacks have become more common over the last five years.

A ransomware attack in the Netherlands last month targeted a logistics company and led to shortages of packed cheese and other groceries in the country’s largest supermarkets. The company got its systems back under control, but declined to say whether it paid the ransom to do so.

Colonial said that it has notified law enforcement, and hired private cybersecurity firms to investigate “the nature and scope of this incident.”

Colonial’s pipelines supply more than 45% of all fuel consumed in the East Coast, according to data from the company’s website. With its pipes transporting 100 million gallons of gasoline, diesel and kerosene from refineries in Texas all the way to New York every day, a shutdown could very realistically lead to fuel shortages in multiple states.

The firm gave no details about when the fuel supply would be turned on again. “We are working diligently to address this matter and to minimize disruption,” its statement concluded.

As of yet, there is no indication as to who is behind the attack. However, the pipeline isn’t the first piece of critical infrastructure targeted by cyber attackers. A water treatment plant in Florida was breached by hackers back in February, months after the SolarWinds ‘hack’ left upwards of 250 government agencies and businesses unprotected for weeks. The latter incident was blamed, without evidence, on Russia.

The Biden administration responded to the attack in Florida by calling on energy providers to beef up their security procedures. "The United States faces a well-documented and increasing cyber threat from malicious actors,” Energy Secretary Jennifer Granholm said last month. "It's up to both government and industry to prevent possible harms… so Americans can rely on a resilient, secure and clean energy system."

Historically, the main threats to Colonial’s pipelines were natural ones. Hurricane Harvey shut down the line in 2017, while underground leaks and construction accidents interrupted service to the entire east coast in 2016.

Think your friends would be interested? Share this story!