In what was called “the most significant and successful attack on energy infrastructure we know of in the United States, a cyberattack was launched on the largest refined products pipeline in the United States, the Colonial Pipeline, on Friday, and if the subsequent outage is not corrected within days, the eastern half of the United States, which reportedly receives 45% of fuel from the pipeline, could see a surge in gas, oil, and diesel prices.
One expert told Politico the ransomware attack was “the most significant and successful attack on energy infrastructure we know of in the United States.” Politico reported, “The attack on the Colonial Pipeline, which runs 5,500 miles and provides nearly half the gasoline, diesel and jet fuel used on the East Coast, most immediately affected some of the company’s business-side computer systems — not the systems that directly run the pipelines themselves. The Georgia-based company said it shut down the pipelines as a precaution and has engaged a third-party cybersecurity firm to investigate the incident.”
“Administration officials said they believed the attack was the act of a criminal group, rather than a nation seeking to disrupt critical infrastructure in the United States. But at times, such groups have had loose affiliations with foreign intelligence agencies and have operated on their behalf,” The New York Times reported.
Mike Chapple from University of Notre Dame´s Mendoza College of Business, a former computer scientist with the National Security Agency, said, “The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren´t in place,” the Daily Mail reported.
Oil analyst Andy Lipow said if the shutdown lasted five or six days, price hikes would result, most notably affecting the supply of jet fuel major airports needed to operate.
Rob Lee of the cybersecurity firm Drago noted that if the attack only affected Colonial’s business computer systems, “I think it’s going to be relatively short-lived.”
Patrick De Haan, head of petroleum analysis at Gas Buddy, told Newsweek, “The challenges brought on by the Colonial Pipeline shut down would likely not appear for several days or longer. My guess is they’ll be able to restart the pipeline before any major issues develop. This should NOT be a pricing event- but this may be a supply event. By ‘pricing event’ I meant not one motorists will generally ‘see’ that is, not an overnight spike.”
“Colonial Pipeline announced Saturday morning that it’s working to restore operations and hired a third-party cybersecurity firm to investigate the targeted ransomware attack,” Newsweek added.
“The private cybersecurity firm FireEye said it’s been hired to manage the incident response investigation,” the Star Tribune reported.
On Saturday. Colonial issued a statement saying that the “incident involves ransomware,” “Colonial Pipeline is taking steps to understand and resolve the issue. Our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation.”