The Colonial Pipeline is a gargantuan energy pipeline that stretches all the way from New Jersey to Texas. Incredibly, it supplies an estimated 45% of all the gasoline, jet fuel and diesel fuel to the east coast of the United States.
Shockingly, an enormous ransomware attack struck the pipeline on Friday, May 7.
The pipeline has been shut down to protect it from further attacks as a third party investigates where the attack may have come from and what sort of cybersecurity vulnerability in the pipeline’s systems was exploited to make the attack possible.
However, given the pipeline’s critical importance, gas prices are expected to spike if it is not reopened soon.
A Massive Cyberattack on Energy Infrastructure
This attack may well be the single largest successful cyberattack ever carried out on a piece of energy infrastructure in the history of the United States.
According to Bloomberg News, a hacker collective called DarkSide is believed to be responsible for the attack, though this has not yet been absolutely confirmed. On Thursday, May 6, this group is alleged to have grabbed approximately 100 gigabytes of data out of the Colonial Pipeline’s cloud network before shutting down the pipeline. The data are not being held for ransom.
DarkSide is believed to be headquartered in Russia.
Since it’s not yet clear how the attackers broke into the pipeline, it is being kept shut down as a precautionary measure while an investigation commences. However, without the Colonial Pipeline, the supply of gas going to the east coast will fall sharply, and the price will concomitantly rise.
In response, the US Department of Transportation has issued an emergency declaration temporarily suspending enforcement of Parts 390 to 399 of Title 49 of the Code of Federal Regulations. These regulations place restrictions “for motor carriers and drivers who are providing assistance to areas that are suffering” shortages of petroleum-related products in the wake of the pipeline’s closure, according to The Hill.
These restrictions, therefore, do not currently apply to Alabama, Arkansas, the District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi. New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
This state of emergency is planned to remain in effect until June 8, 2021. According to the FBI, they were notified on May 7 of “network disruption” at the pipeline and are working to discover precisely who was responsible for the hack.