One of the nation’s largest fuel pipelines has been forced to shut down after being affected by a ransomware cyberattack. Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment.
Colonial Pipeline was forced to shut down its entire network as well as proactively take various systems offline to contain the threat, halting all pipeline operations. The massive US pipeline runs 5500 miles from Houston to New Jersey and transports 45% of all fuel to the East Coast.
The President has been briefed and the White House stated it is working with the organization to avoid disruption to supply and restore pipeline operations as quickly as possible, but it is still unclear how long the pipelines will be off the grid.
Experts warn a prolonged delay could eventually impact consumers.
This latest attack comes amid growing concerns about the nation’s cybersecurity posture. Last December a massive software breach at Texas-based SolarWinds was identified, where hackers reportedly gained access to emails at U.S. government agencies. Also, in Florida, investigators stated hackers took control of the computer systems of a water treatment facility in an attempt to tamper with the water supply.
It’s important that organizations take these attacks seriously, since they will continue and are not going away. If you’re an owner-operator of critical infrastructure, it’s imperative that you invest in cybersecurity controls.
Update: 5/10/21 at 7:40 am EST
A Russian criminal group may be responsible for a ransomware attack that shut down a major U.S. fuel pipeline, two sources familiar with the matter said Sunday.
The group, known as DarkSide, is relatively new, but it has a sophisticated approach to the business of extortion, the sources said.