Ransomware Takes Down East Coast Fuel Pipeline
The US government has issued emergency legislation following a ransomware attack that impacted the country’s largest fuel pipeline, the Colonial Pipeline. Over the weekend, the pipeline confirmed that it had suffered from a serious cyber-attack that resulted in some of its services being taken offline. The infrastructure attack is the first of this scale and damage in 2021 and has raised concerns about the US’s ability to protect its critical and valuable infrastructure. Colonial stated that it took down certain systems to contain the threat after learning about the attack.
The actions that were taken to mitigate any further risks to Colonial after discovering the attack temporarily halted all pipeline operations and affected IT systems, according to the company. Colonial stated that it is in the process of restoring the IT systems in an update issued on Sunday. The mainlines remain offline, however, some smaller lines between terminals and delivery points are back up, according to Colonial. The aforementioned emergency government legislation is designed to relax rules restricting the transportation of fuel by road to ensure that no extreme shortages are faced while Colonial gets the mainlines up and running again. Despite the legislation, it is likely that the 12 states the pipeline travels through will face shortages and price rises due to the incident.
Security officials have identified that the attack may have been launched by the DarkSide group, a Russian-speaking entity, who also claimed to have stolen 100GB of data. However, it remains unclear if the attack was the work of a nation-state actor and what the primary motive behind the pipeline takedown was.