The largest gasoline pipeline in America is returning to service, recovering from a cyberattack late Friday that raised pump prices and choked fuel supplies across the Eastern U.S.
The Colonial Pipeline — a critical source of gasoline and diesel for the New York area and the rest of the East Coast — was being restarted around 5 p.m. Eastern time, the operating company said in a statement. The Alpharetta, Georgia-based company said over the weekend it was forced to take systems offline on May 7 in response to a ransomware attack.
The news comes as gasoline stations are running dry from Florida to Virginia. In parts of the U.S. South, three in every four gas stations had no fuel as of Wednesday, while in Washington, D.C., cars were lining up for blocks as they waited to fill up. U.S. pump prices have topped $3 a gallon for the first time in six years. Colonial each day normally ships about 2.5 million barrels (105 million gallons), an amount that exceeds the entire oil consumption of Germany.
The disruption underscores just how vulnerable America’s fuel supply system has become in the wake of increased attacks on energy infrastructure by hackers over the past few years.
Colonial is only the latest example of critical infrastructure being targeted by ransomware. Hackers are increasingly attempting to infiltrate essential services such as electric grids and hospitals. The escalating threats prompted the White House to respond last month with a plan to increase security at utilities and their suppliers. Pipelines are a specific concern because of the central role they play in the U.S. economy.
The attack on Colonial also came just as the nation’s energy industry is preparing for summer travel and as fuel demand rebounds from pandemic-related lockdowns. It was reminiscent of a 2018 cyberattack that brought down a third-party communications system used by several natural gas pipelines operators across the U.S. That hack didn’t halt actual gas flows, but it delayed utility billing and made it challenging for traders to forecast supplies.
The Federal Bureau of Investigation attributed the breach to ransomware created by a group called DarkSide. Some evidence emerged linking DarkSide to Russia or elsewhere in Eastern Europe. President Joe Biden said Russia has “some responsibility” to address the attack but stopped short of blaming the Kremlin, saying “there’s evidence” the hackers or the software they used are “in Russia.”
Shortly before the Colonial announcement, President Joe Biden said he was expecting good news on the situation and touted the steps he had taken to relieve supply disruptions.
“I’ve lifted some of the restrictions on the transportation of fuel as well as access to the United States military providing fuel, and with vehicles to get it there, places where it’s badly needed,” Biden told reporters at the White House.
The White House announced several measures to blunt the growing crisis, including waiving some gasoline requirements and empowering 10 states to allow heavier-than-normal truck loads of fuels. It is also taking initial steps toward possibly allowing foreign tankers to transport gasoline and diesel to East Coast ports.
In Washington, lawmakers were scheduled to receive a briefing from administration officials Wednesday evening.
Biden said the attack demonstrated the need for U.S. investments in education to improve the nation’s cyber defenses. He’s proposed some $4 trillion in spending on infrastructure, social welfare and education programs.
“We need a significantly larger number of experts in the area of cyber security working for private companies, as well as private companies being willing to share data as to how they’re protecting themselves,” he said. “I think that’s part of the long-term answer, not just in terms of energy but across the board.”
This isn’t the first time Colonial has been forced to shut down. In 2016, an explosion kept the system offline for days, raising gasoline prices and forcing the New York Harbor market to become more dependent on imports of fuel from overseas.
Colonial has the capacity to ship about 2.5 million barrels a day on its system stretching from Houston to North Carolina and another 900,000 barrels a day to New York.
Ransomware cases involve hackers seeding networks with malicious software that encrypts the data and leaves the machines locked until the victims pay the extortion fee, which can range from a few hundred dollars to millions of dollars in cryptocurrency. Utilities’ information technology networks, which run email and other routine functions, and operational technology networks, which control the actual functioning of the delivery of electricity or natural gas, are typically kept mostly separate, which is what made Colonial’s decision to temporarily shut down both so unusual.
___
© 2021 Bloomberg L.P.
Distributed by Tribune Content Agency, LLC