Cyber Attack Paralyzed Fuel Pipeline Network

This post is also available in: עברית (Hebrew)

Cybersecurity attacks have been paralyzing critical infrastructures around the world.

A leading U.S. fuel pipeline operator shut its entire network, the source of nearly half of the U.S. East Coast’s fuel supply, after a cyber attack on May 7 that involved ransomware.

Ransomware is a type of malware designed to lock down systems by encrypting data and demanding payment to regain access.

The incident is one of the most disruptive digital ransom operations ever reported and has drawn attention to how vulnerable U.S. energy infrastructure is to hackers. A prolonged shutdown of the line would cause prices to spike at gasoline pumps ahead of peak summer driving season, a potential blow to U.S. consumers and the economy.

Colonial Pipeline transports 2.5 million barrels per day of gasoline, and other fuels through 5,500 miles (8,850 km) of pipelines linking refiners on the Gulf Coast to the eastern and southern United States. It also serves some of the country’s largest airports.

The ransomware attack was apparently executed by a professional cybercriminal group. Investigators are reportedly looking at a group dubbed “DarkSide,” known for deploying ransomware and extorting victims while avoiding targets in post-Soviet states. 

The Department of Energy said it was monitoring potential impacts to the nation’s energy supply, while both the U.S. Cybersecurity and Infrastructure Security Agency and the Transportation Security Administration told Reuters they were working on the situation.