Major US fuel pipeline shut down by cyber-attack

The Colonial Pipeline in the US has been forced to shut its entire network after it was hit with a major cyber-attack on Friday 7 May.

The 5,500 miles of pipeline that runs from Texas to New York carries 45% of the east coast’s fuel supplies and travels through 14 southern and eastern US states.

The pipeline transports gasoline, diesel and jet fuel. The company’s website says it carries some 100m gallons of fuel each day and services seven airports.

Colonial has become the latest high-profile victim of a ransomware attack, in which systems and data are encrypted by hackers until a ransom is paid. It has been reported that the hackers are part of a cybercrime group called DarkSide, an Eastern European-based organisation which was formed in August 2020 and has already earned millions of dollars from attacks on Western nations.

In response, the Biden administration has invoked emergency powers to avoid fuel shortages, relaxing regulations for drivers carrying gasoline and other refined petroleum products in 17 states and the district of Columbia.

Experts have claimed that if the outage lasts for three more days, it is likely that gas prices will rise by 15-20 cents.

Reacting to the news, Andy Watkin-Child, a Board member of The Security Institute and Chartered Security Professional said: “The Colonial Pipeline hack demonstrates the fragility of national infrastructure when faced by cyber-attack. The Biden administration launched a 100-day Supply Chain review, which included the impact of cyber on the energy sector. As of Sunday 9 May, Colonial and Federal agencies were working to restore operations to the pipelines which deliver 45% of the East Coast of America’s fuel, including petrol and diesel.

“The attack clearly demonstrates the impact of cyber on national infrastructure, following on from the December 2020 SolarWinds attack and Exchange hack. Rumours point fingers at a group called ‘DarkSide’, but as yet the attacker has not been confirmed. What is known is the impact. With pumping and refining capacity at a standstill for 45% of East Coast supplies the commodity markets have reacted, at close of business Friday, gasoline futures were up 0.6% and diesel 1.1% on the New York Mercantile exchange. If Colonial cannot get its pipelines up and running quickly you can expect the prices to rise.

“We’ve been saying for a long time that cybersecurity is a boardroom issue requiring clear focus and funding. As geopolitical actors (who are well funded and resourced) target National Infrastructure. we will all feel the pain. Maybe its now time for market regulators to turn up the SCRM and cyber pressure in the boardroom?”

Steve Forbes, Government Cyber Security Expert at Nominet commented on the domino effect of CNI attacks on this scale: “The declaration of a state of emergency due to a cyber-attack could become the new normal. With the largest fuel pipeline in the US grinding operations to a halt due to a ransomware attack, the attack on Colonial is likely to have a ripple effect across the globe.

“The attack will be a stark reminder of how connected our world now is. While the demand for oil across the US East Coast is evident, the fact that this is already impacting the financial markets and traders, demonstrates that it really is the tip of the iceberg. That’s not to mention the fact that the severity of this breach will worsen if confidential information is leaked, as the group has threatened.

“Being able to take systems offline and begin a process of restoration is undeniably important, but there is an additional threat if this data is exposed. It underlines the importance of international collaboration to bring down these highly coordinated groups early in their development if we want to protect our critical services.”