The Largest Fuel Pipeline in the U.S. Has Shut Down Over a Ransomware Attack

The Largest Fuel Pipeline in the U.S. Has Shut Down Over a Ransomware Attack
Photo: John Randeris Hansen / Ritzau Scanpix / AFP, Getty Images

If you live on the U.S. East Coast and see fuel prices go up soon, there’s a good chance it’s because of the cyberattack that forced the Colonial pipeline, the country’s largest refined products pipeline, to shut down. There is currently no indication of when it will start back up again.

Operators of the Colonial pipeline — a 8,851 km system that takes fuel from refineries in Houston, Texas to the New York harbour — have shut down the entire system because of the cyberattack, which officials revealed to be ransomware on Saturday. Hackers that use ransomware, a type of malware, encrypt a victim’s files and demand a ransom payment in order to restore access.

According to NBC News, the pipeline, which is owned by a company of the same name, transports 2.5 million barrels of gas, diesel, jet fuel, and other refined products per day.

Colonial Pipeline (the company), which is controlled by companies including Koch Industries and Royal Dutch Shell, affirms it’s responsible for transporting 45% of the East Coast’s fuel supply alone, the outlet stated. In a statement on its website on Saturday, the company affirmed that it had engaged a leading third-party cybersecurity firm to investigate the incident. The Wall Street Journal reported that the cybersecurity company FireEye is investigating the attack.

Colonial Pipeline said that after it determined that the cyberattack involved ransomware, it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”

The company has contacted law enforcement and other federal agencies, it said in the statement.

In the Journal report, two people familiar with the investigation stated that the attack appeared to be limited to Colonial Pipeline’s information systems. It seemed like it hadn’t affected its operational control systems, they said, adding that the inspection was still in its early stages.

This isn’t the first time the Colonial pipeline has made headlines in recent months. Earlier this year, the company revealed that a spill in North Carolina last August led to a leak of 1.2 million gallons of gasoline, the biggest spill since 1997. Initially, the company stated that only 238,481 l had been leaked, but that number steadily crept way up.

It is unclear when the pipeline will resume operations. Colonial Pipeline stated it was taking steps to understand and resolve the issue.

“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” Colonial Pipeline said. “This process is already underway, and we are working diligently to address this matter and to minimise disruption to our customers and those who rely on Colonial Pipeline.”

The federal government has recently been sounding the alarm about the threat posed by ransomware attacks. On Wednesday, Department of Homeland Security Secretary Alejandro Mayorkas stated that these attacks were on the rise and that targets ranged from government agencies to small businesses. The threat is real, Mayorkas said, and there is a risk to all of us.

Additionally, last month a Justice Department memo obtained by CNN stated that the agency had created a new task force dedicated to confronting and responding to ransomware threats.

As far as price increases go, Reuters points out that prices aren’t expected to rise unless the closure lasts more than three days. States in the southeastern part of the country would likely see price jumps first. In 2016, for instance, a Colonial system leak forced the line to shut down for more than 10 days, driving prices up by more than 30 cents ($0.38) a gallon.

Update 5/8/2021, 11:18 p.m. ET: This post has been updated with additional information provided by Colonial Pipeline.