Update on the Colonial Pipeline ransomware attack
Last Friday, the Colonial Pipeline suffered a cyberattack that forced it to shut down four of its main lines, highlighting the real-world consequences of a successful campaign against infrastructure. The shutdown has caused fuel shortages and rising prices. Colonial provides roughly 45% of the East Coast’s fuel, including diesel, gasoline, home heating oil, jet fuel, and military supplies. Each day, Colonial transports 100 million gallons of fuel across a vast area, from Texas to New York. Threat actor group DarkSide has claimed responsibility for the attack; however, few concrete details have been made public.
What appears to have happened is a ransomware outbreak, linked to the DarkSide group, that struck Colonial Pipeline’s networks. In the company’s latest update, it stated that remediation is ongoing and each system is being worked on. Colonial’s plan is reportedly based on a number of factors, with security and compliance taking precedence in driving operational decisions. Colonial hopes to have “substantially” restored its services by the end of the week. This cyberattack is neither the first of its kind nor the worst; however, it reminds the US that its critical infrastructure remains at risk from threat actors and that it needs to take further measures to protect its assets.