On Friday night, the largest U.S. gas pipeline announced it had halted its operations after it discovered it was targeted in a cyber attack. The pipeline provides about 45 percent of the fuel supply along the east coast and southern United States.
In a company statement Friday night, Colonial Pipeline said, “On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
According to Bloomberg, Colonial Pipeline operates the largest gasoline and diesel pipeline system in the U.S.
CNBC reported the company transports 2.5 million barrels of gasoline, diesel, jet fuel and other refined products every day, accounting for about 45 percent of the east coast’s fuel supply. That fuel passes through 5,500 miles of pipelines. The pipeline network moves fuel from U.S. gulf coast refineries to populous areas along the eastern and southern United States.
The company announced it has hired a cybersecurity firm to investigate the cyberattack and have contacted law enforcement and other federal agencies.
“Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the company said. “This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”
The company has not indicated who may have been behind the cyber attack.
The New York Times reported the FBI typically leads investigations of this nature, but critical infrastructure also falls under the responsibility of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).
Infrastructure is increasingly becoming a critical target for potential cyberattacks.
“It’s a serious issue,” Tom Kloza, the global head of energy analysis at Oil Price Information Service told the New York Times. “It could snarl things up because it is the country’s jugular aorta from moving fuel from the Gulf Coast up to New York.”
Mike Chapple, a former NSA computer scientist and cybersecurity expert at the University of Notre Dame told the Washington Post, “This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyberattack.”
Robert M. Lee, CEO and cofounder of the cybersecurity firm Dragos, told the Washington Post the pipeline outage may have been caused by a ransomware attack. He said, “There are absolutely cases in industrial operations where ransomware impacts operations.”
Lee said most ransomware attacks of this nature are carried out by criminal groups, rather than foreign governments.