The Colonial Pipeline, one of the largest fuel pipelines in the US, was forced to temporarily shut down all its operations last weekend following a massive ransomware attack.
The pipeline transports over 100 million gallons of gasoline and other fuel from Houston to New York Harbor, according to a CNN report.
The company, in a statement on Friday, May 7, said that it learned of the cybersecurity attack and was quick to take certain systems offline to ensure there was no further threat. "These actions temporarily halted all pipeline operations and affected some of our IT systems, which we are actively in the process of restoring," it said.
Colonial Pipeline operates a 5,500-mile pipeline and supplies 45 percent of jet fuel and gasoline to the US East Coast. After coming under a ransomware attack, the company took certain systems offline to contain the threat, Colonial Pipeline said on Friday. In a statement, it further said that leading third-party cybersecurity experts had been engaged and an investigation had been launched to understand the nature and scope of the incident.
Who was behind the attack?
On May 10, the FBI confirmed that DarkSide, a criminal group from Russia, was behind the ransomware attack on Colonial Pipeline.
In a statement, the agency said: "The FBI confirms that the Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks," adding that it continues to work with the company and its government partners on the investigation.
According to a BBC report, DarkSide stole nearly 100 GB of data and was threatening to leak it should the company fail to pay an undisclosed ransom.
Meanwhile, the cyber gang also acknowledged on its website that it was behind the ransomware attack on Colonial Pipeline and that its goal was to make money, not to create problems for society.
What did the US administration say?
Speaking at the White House on May 10, US President Joe Biden said the concerned agencies were "personally briefing" him on the pipeline situation every day. Biden further said that he was going to meet President Vladimir Putin soon, adding that there was no evidence so far of Russian involvement.
"Although there's evidence that the actors' ransomware is in Russia - they have some responsibility to deal with this," he added.
How long will the pipeline remain shut?
Nothing can be said about this with certainty just yet. Colonial Pipeline has said the situation remains fluid and continues to evolve. "The Colonial operations team is executing a plan that involves an incremental process that will facilitate a return to service in a phased approach," it said.
Sherwood-Randall, the Homeland Security Advisor, said the company had informed them that the pipeline had not suffered damage and could be brought back online relatively quickly. Sherwood-Randall added that the company emphasised the need for safety "given that it has never before taken the entire pipeline down."