Get 40% Off
🤯 This Tech Portfolio is up 29% YTD! Join Now to Get April’s Top PicksGet The Picks – Just 99 USD

U.S. government working to aid top fuel pipeline operator after cyberattack

Published 05/09/2021, 06:06 AM
Updated 05/09/2021, 07:43 PM
© Reuters. Holding tanks are seen at Colonial Pipeline's Charlotte Tank Farm in Charlotte, North Carolina, U.S. an undated photograph.  Colonial Pipeline/Handout via REUTERS.

© Reuters. Holding tanks are seen at Colonial Pipeline's Charlotte Tank Farm in Charlotte, North Carolina, U.S. an undated photograph. Colonial Pipeline/Handout via REUTERS.

By Laila Kearney, Doina Chiacu and Laura Sanicola

(Reuters) -The White House was working closely with top U.S. fuel pipeline operator Colonial Pipeline on Sunday to help it recover from a ransomware attack that forced the company to shut a critical fuel network supplying populous eastern states.

The attack is one of the most disruptive digital ransom schemes reported and has prompted calls from American lawmakers to strengthen protections for critical U.S. energy infrastructure from hacking attacks.

Commerce Secretary Gina Raimondo said the pipeline fix was a top priority for the Biden administration and Washington was working to avoid more severe fuel supply disruptions by helping Colonial restart as quickly as possible its more than 5,500-mile (8,850 km) pipeline network from Texas to New Jersey.

"It's an all hands on deck effort right now," Raimondo said on CBS' "Face the Nation" program. "We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren't disruptions in supply."

Colonial said on Sunday its main fuel lines remain offline but some smaller lines between terminals and delivery points are now operational. Neither Raimondo nor the company gave an estimate for a full restart date and Colonial declined further comment on Sunday.

U.S. gasoline futures jumped more than 3% to $2.217 a gallon, the highest since May 2018, as trading opened for the week and market participants reacted to the closure.

Colonial transports roughly 2.5 million barrels per day of gasoline and other fuels from refiners on the Gulf Coast to consumers in the mid-Atlantic and southeastern United States.

Its extensive pipeline network serves major U.S. airports, including Atlanta's Hartsfield Jackson Airport, the world's busiest by passenger traffic.

A Charlotte Douglas International Airport spokesperson said the airport had supply on-hand and was "monitoring the situation closely," adding that the complex is supplied by another major pipeline as well as Colonial.

Retail fuel experts including the American Automobile Association said an outage lasting several days could have significant impacts on regional fuel supplies, particularly in the southeastern United States.

During previous Colonial outages, retail prices in southeastern states have risen substantially.

Offices of governors in several of the U.S. states most vulnerable to fuel shortages - including Tennessee, Georgia and Maryland - were not immediately available for comment.

CYBERCRIMINALS SUSPECTED

While the U.S. government investigation is in the early stages, a former U.S. official and three industry sources said the hackers are suspected to be a professional cybercriminal group called DarkSide.

DarkSide is one of many ransomware gangs extorting victims while avoiding targets in post-Soviet states. The groups gain access to private networks, encrypt files using software, and often also steal data.

They demand payment to decrypt the files and increasingly ask for additional money not to publish stolen content.

In the Colonial attack, the hackers took more than 100 gigabytes of data, according to a person familiar with the incident.

As the FBI and other government agencies worked with private companies to respond, the cloud computing system the hackers used to collect the stolen data was taken offline Saturday, the person said.

Colonial's data did not appear to have been transferred from that system anywhere else, potentially limiting the hackers' leverage to extort or further embarrass the company.

Cybersecurity firm FireEye (NASDAQ:FEYE) is among those dealing with the attack, industry sources said. FireEye declined to comment. Colonial said it was working with a "leading, third-party cybersecurity firm," but did not name the firm.

Messages left with the DarkSide hackers were not immediately returned. The group's dark website, where hackers regularly post data about victims, made no reference to Colonial Pipeline.

Colonial declined to comment on whether DarkSide hackers were involved in the attack, when the breach occurred or what ransom they demanded.

BIDEN BRIEFED ON HACK

President Joe Biden was briefed on the cyberattack on Saturday morning, the White House said, adding that the government was working to try to help the company restore operations and prevent supply disruptions.

U.S. Senator Bill Cassidy, a Republican from Louisiana who sits on the Energy Committee, said lawmakers are prepared to work more with privately held critical infrastructure companies to guard against cyberattacks.

"The implication for this, for our national security, cannot be overstated. And I promise you, this is something that Republicans and Democrats can work together on," he said on NBC's "Meet the Press."

Another fuel pipeline serving the same regions carries a third of what Colonial does. Any prolonged outage would require tankers to transport fuels from the U.S. Gulf Coast to East Coast ports.

The Federal Motor Carrier Safety Administration is issuing a temporary hours of service exemption to truckers transporting refined products to 17 southern and east coast states including Alabama, Delaware, Florida, Georgia, New Jersey and New York.

Complicating the fallback plans, according to one industry source familiar with the federal response, was that the ranks of fuel-truck drivers for the main road transportation companies, which could pick up some of the pipeline volume, are down by 25% or more because of coronavirus infections.

© Reuters. Holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm in Woodbridge, New Jersey, U.S. in an undated photograph.  Colonial Pipeline/Handout via REUTERS.

Oil refining companies contacted by Reuters over the weekend said their operations had not yet been impacted. Some were working to find alternative transport for customers.

The privately held, Georgia-based company is owned by CDPQ Colonial Partners L.P., IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors L.P., Koch Capital Investments Company LLC and Shell Midstream (NYSE:SHLX) Operating LLC.

Latest comments

$feye. who you gonna call?
This is perfect for the left. They want to shutdown pipelines.
The government thats the last entity you want help you. As the Nordstrem 2 pipe line nears completion the government is getting nervous.
Heres a rhought elimanate all online presence that is able to be cyber attacked. If ita NOt commected to the web it cannot be hackedDuh
but you can't ban slacking employees from watching YouTube haha
Hopefully gas does not go up that much, i would hate to trade in my truck for a car or a bike :’D
Williams Companies(WMB) should skyrocket tomorrow....and check out their lofty dividend!
Joe Oil Biden is in charge. We will see this for 3 more years.
Cyberattack yeah right. Just an excuse to prop up crude oil
Who knows oil companies may have paid these darkWeb companies to initiate this cyber attack. Time to short the oil :)
since January 2021 anything and everything that never happened before in such quick succession has happened to prop up the price of oil.
It is a fuel, not oil, pipeline. This may temporarily limit the demand for oil, which could reduce the price.
not prop it...more like make an excuse for inflation other than money supply expansion..
If Biden was briefed that there are pipelines still operating in the US, he may move to shut them all down. He's brilliant like that.
Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.