Ransomware Attack Cripples Colonial Pipeline Causing Panic in Southeast

Category: Data Security , Cyberbytes
Author: Mandy Remke

Colonial Pipeline, based in Alpharetta, GA, transports more than 100 million barrels of fuel a day over 5,500 miles across the United States. It is the largest refined products pipeline in the country and reaches energy needs of consumers from Houston, Texas to the New York Harbor.

On May 7, 2021 Colonial Pipeline fell victim to a ransomware attack that caused all pipelines to be halted in an attempt to contain the breach. The company brought in leading third-party cybersecurity experts to launch an investigation into the nature and scope of the cyberattack. Colonial Pipeline is working with law enforcement and federal agencies in response to the attack including the Department of Energy.

President Joe Biden addressed the attack reporting that Russian actors are responsible. The FBI confirmed on May 10 that ransomware made by a group known as DarkSide was used in the attack on Colonial Pipeline with evidence emerging tying the group’s location to Russia or Eastern Europe.

Deputy National Security Advisor for Cyber and Emerging Technologies, Anne Neuberger, said that the U.S. has no advice to ransomware attack victims on whether or not they should provide payment to hackers in order to restore systems. Neuberger also reported that the federal government is engaging with Colonial Pipeline on the attack.

Rest easy with ThreatAdvice vCISO

The ransomware attack caused Colonial Pipeline to shut down on May 7, leading to panic buying of gasoline in the Southeastern United States. Gasoline prices jumped and the national average rose two cents on May 11. Fuel stations in Birmingham, AL had prices rising twenty cents. Southeastern governors are responding to the panic with state of emergency declarations and temporary suspension of gasoline tax. The federal government announced an emergency declaration that extends through June 8.

Colonial Pipeline released a statement in the evening on May 11 describing intentions of manually operating and prioritizing markets experiencing supply constraints, but has released no information or answer as to the cybersecurity protections that were being exercised before the attack. Energy Secretary, Jennifer M. Granholm spoke at the White House, reporting that there is not an issue of gasoline shortage, but an issue of getting it to the right places while the pipeline is shut down. No information has been given on when full operation of the pipelines will resume, and Colonial Pipeline has not defined what determinants will factor into its decision on when to restart the pipeline.

May 12, 2021
Back
Share this post on social media