Cyber attack shuts down US ‘jugular’ fuel pipeline, Biden …
(Add colonial commentary to paragraph 5, details throughout)
By Stephanie Kelly and Christopher Bing
NEW YORK, May 8 (Reuters) – The main US pipeline operator, Colonial Pipeline, has shut down its entire network, the source of nearly half of the fuel supply to the US east coast, after a cyberattack on Friday that involved ransomware.
The incident is one of the most disruptive digital ransom deals on record and has drawn attention to the vulnerability of America’s energy infrastructure to hackers. A prolonged shutdown of the line would spike gasoline pump prices ahead of peak summer driving season, a potential blow to U.S. consumers and the economy.
“It’s as close as it gets to the infrastructure jugular in the United States,” said Amy Myers Jaffe, research professor and CEO of the Climate Policy Lab. “It’s not a major pipeline. It’s the pipeline.”
Colonial transports 2.5 million barrels per day of gasoline and other fuels through 8,850 km of pipelines connecting Gulf Coast refiners to the eastern and southern United States. It also serves some of the country’s largest airports, including Atlanta’s Hartsfield Jackson Airport, the world’s busiest for passenger traffic.
The company said it ended operations after learning of a cyberattack on Friday using ransomware.
“Colonial Pipeline is taking steps to understand and resolve this problem. Right now our main goal is the safe and efficient restoration of our service and our efforts to return to normal operation, ”he said.
While the U.S. government investigation is in its early stages, a former official and two industry sources said the hackers were likely a group of professional cybercriminals.
The former official said investigators were examining a group dubbed “DarkSide” known to deploy ransomware and extort victims while avoiding targets in post-Soviet states. Ransomware is a type of malware designed to lock down systems by encrypting data and demanding payment to regain access.
Colonial said it hired a cybersecurity company to help with the investigation and contacted law enforcement and federal agencies.
Cybersecurity industry sources said cybersecurity firm FireEye was called in to respond to the attack. FireEye declined to comment.
US government bodies, including the FBI, said they were aware of the situation but did not yet have details of who was behind the attack.
President Joe Biden was briefed on the incident on Saturday morning, a White House spokesman said, adding that the government was working to help the company resume operations and prevent supply disruptions .
The Energy Department said it was monitoring potential impacts on the country’s energy supply, while the United States Cybersecurity and Infrastructure Security Agency and the Transportation Security Administration told Reuters they were working on the situation.
“We are engaged with the company and our interagency partners in the face of the situation. This underlines the threat that ransomware poses to organizations regardless of their size or industry, ”said Eric Goldstein, executive deputy director of the cybersecurity division at CISA.
Colonial did not give further details or indicate how long its pipelines would be closed.
The Georgia-based private company is owned by CDPQ Colonial Partners LP, IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors LP, Koch Capital Investments Company LLC and Shell Midstream Operating LLC.
“Cyber security vulnerabilities have become a systemic problem,” said Algirde Pipikaite, head of cybersecurity at the Center for Cyber Security at the World Economic Forum.
“Unless cybersecurity measures are built into the development phase of a technology, we are likely to see more frequent attacks on industrial systems such as oil and gas pipelines or water treatment plants. “Pipikaite added.
PUMP PRICE PROBLEMS
The American Automobile Association has said that a prolonged outage of the line could trigger an increase in gasoline prices at pumps, a concern for consumers ahead of the summer driving season.
A four- or five-day shutdown, for example, could lead to sporadic blackouts at fuel terminals along the U.S. east coast, which depend on the pipeline for deliveries, said Andrew Lipow, chairman of the Lipow Oil board. Associates.
After the shutdown was first announced on Friday, gasoline futures on the New York Mercantile Exchange gained 0.6% while diesel futures rose 1.1%, both topping the gains of crude oil. Spot gasoline and diesel prices on the Gulf Coast edged down due to the prospect of accumulating supplies in the region.
“As each day goes by, this is becoming a bigger and bigger impact on Gulf Coast oil refining,” Lipow said. “Refiners should respond by reducing crude processing because they have lost part of the distribution system.”
Oil refining companies contacted by Reuters on Saturday said their operations had not yet been affected.
Kinder Morgan Inc, meanwhile, said its Products (SE) Pipe Line Corporation (PPL) serving many of the same areas remains in full service.
PPL is currently working with its customers to accommodate additional barrels during Colonial’s downtime, he said. PPL can deliver approximately 720,000 bpd of fuel through its pipeline system from Louisiana to the Washington, DC area.
The American Petroleum Institute, a major trading group in the oil industry, said it was monitoring the situation.
Ben Sasse, a Republican senator from Nebraska and a member of the Senate Special Committee on Intelligence, said the cyberattack was a wake-up call for U.S. lawmakers.
“This is a coin that will be thrown again, and we are not sufficiently prepared,” he said, adding that Congress should adopt an infrastructure plan that strengthens sectors against these attacks.
Colonial previously closed its gasoline and distillate lines during Hurricane Harvey, which hit the Gulf Coast of Mexico in 2017. This contributed to the depletion of supplies and the rise in gasoline prices in the United States. United States after hurricane forced many Gulf refineries to close.
(Reporting by Stephanie Kelly, Devika Krishna Kumar, Christopher Bing and Raphael Satter; Additional reporting by Trevor Hunnicutt, Gary McWilliams and Laura Sanicola; Editing by Simon Webb, Richard Valdmanis, Alistair Bell and Daniel Wallis)
Our Standards: The Thomson Reuters Trust Principles.