Cyberattack on Fuel Pipeline Leads To Temporary Closure
Operators closed the main pipeline carrying oil fuel to the US East Coast after getting hit with a cyberattack. Colonial Pipeline Co, which operates the 5,500-mile Colonial Pipeline system, said hackers managed to access their system for a cyberattack.
Now, the company is taking its system offline to work on neutralizing the threat. However, this meant closing the pipeline and putting a stop to all fuel transfers.
RELATED: Microsoft Detects New Cyberattacks That Target the Upcoming U.S. Elections
Cyberattack Likely Ransomware
The Colonial pipeline transfers fuel from the refineries of the Gulf Coast to the New York metro area. The 5,500-mile system holds around 45% of gasoline and diesel fuel consumed on the East Coast.
For now, the shutdown has yet to affect local fuel market prices. However, if the attacks persist or the shutdown continues for a few more days, that’s when prices may get higher.
During its investigation over the week, Colonial confirmed that the cyber attack involved ransomware. It’s a type of code that locks computer systems from access by the owner.
Hackers will only unlock the system when the victim pays the ransom. Otherwise, the criminal elements can either destroy the system or keep it locked. At the moment, evidence points that the cyberattack has yet to reach operational control systems. Colonial already contacted law enforcement and engaged the services of cybersecurity firms for help.
Vulnerability in The Energy Sector
The Colonial attack exposed the US energy sector as vulnerable. Many installations use aging infrastructure that is prone to attacks. There are concerns that many pipelines and refineries operate well past their primes.
In addition, these installations have few protections against modern cyberattacks. This makes the oil pipeline system very vulnerable to a sophisticated attack. If this happens, the consequences are enormous, from delayed transportation due to lack of fuel to higher prices.
In particular, the energy sector remains a large target. The country’s maze of pipelines stretches over 2.5 million miles. Across that network are hundreds of thousands of sensors, valves, and detection systems.
Each one of these components is vulnerable to attack. Many instances of cyberattacks already happened. In 2016, Homeland Security reported it identified 186 vulnerabilities throughout the energy sector, the most of any critical-infrastructure industry that year. In 2018, federal officials warned that Russian hackers infiltrated the control rooms of US electric utilities.
Perpetrators Still Unknown
Meanwhile, it remains unclear on whether the attack’s authors were nation-state rogues or criminal organizations. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the company said in a statement.
“This process is already under way, and we are working diligently to address this matter and to minimize disruption to our customers.” Colonial spokeswoman Kelsey Tweed said they have no further details to share at the moment.
On Sunday, Colonial announced that despite the main pipeline remaining shut down, lateral lines are operational. Some smaller lateral lines between terminals and delivery points are already continuing the flow of fuel to its destinations.
In addition, the company said it is working to restore IT systems. Soon as it receives federal approval, it will execute a plan to start the pipeline back up.
Watch the 11Alive report on the Colonial pipeline ransomware attack. Could gas prices increase because of this?
Are you aware of cyberattacks happening in your industry? Does your business have enough protection in place to ward off attacks like this?
Let us know what you think about cyberattacks. Share your comments below.
I have also had money drained from my personal bank account which the bank refused to reimburse do to them not being able to prove it wasn’t me who stole my money. Unbelievable. Plus I have witnessed many other people my age & the elderly fall victim to fraud via online gaming were we are told we have to give personal information we all think is common to hand out to companies because we want to believe everyone is legit. Simple things like our birthday& address give these scammers so many options to take everything without a trace or leaving us an option to get it back like we are all personally insured like our cars & homes. What good is having a bank account to keep our money protected if they are allowed to let anyone just clean us out with out us knowing or giving consent yet we cant ask for it back without an all out war. Its becoming a huge issue for a lot of Americans but the banks just continue to say what ever keeps the cash coming in with new customers & sweep all of us aside who grow inconvenient for them or want our money replaced. I have had 2 separate issues where a big bank made written promises that they wiggled out of using loophole attorneys who get a judge to side with them because of a clause but I dont have the same right on my side of the clause. Now we have to use prepaid account & paypal to deal with our online customers & prevent any large amount of our funds to be vulnerable again. Its disgusting what they all get away with. Both scammers & the banks are 1 in the same to us at this point. No consequences for either.