Clock Is Ticking on Pipeline After Cyberattack

The operators of the biggest US fuel pipeline were scrambling Monday to resume operations after a cyberattack forced a shutdown on Friday. The Wall Street Journal reports that because of existing gasoline inventories, the impact shouldn't be too dire if Colonial can confine the outage to less than five days. If it goes longer than that, however, people filling up their tanks on the East Coast in particular will likely see higher prices. An outage of one to three weeks could translate into a 20-cent spike, one industry analyst tells the AP. Essentially, Colonial needs to be back in business by Wednesday to limit the pain. Coverage:

• The pipeline: It's a huge source of gasoline, diesel, heating oil, and jet fuel from Texas to the Northeast. In fact, Colonial delivers about 45% of fuel consumed on the East Coast. The 5,500-mile pipeline also provides fuel for airports in Atlanta, Baltimore, and elsewhere, reports CNBC.
• The hack: Hackers deployed a ransomware attack on the company's IT systems, reports Bloomberg, though details are scarce. A Russian group identified as the DarkSide has been identified as the perpetrators. "They're very new but they're very organized," Lior Div of the security firm Cybereason tells Reuters. DarkSide is motivated by profit, not geopolitical interests, and it boasts of giving some of its collected ransom to charities. Colonial hasn't said whether a ransom has been demanded or whether it would pay, if so. For now, it appears that the hack was confined to Colonial's information systems and didn't reach the more critical control systems.

• One view: "Whether we should feel comforted that it was a regular criminal ransomware attack that has managed to disrupt gasoline and jet fuel supplies to the East Coast of the United States—rather than the work of a concerted effort by a state-sponsored hacking group—is debatable," writes renowned cybersecurity expert Graham Cluley.
• Bigger issue: The aging infrastructure of US energy systems is extremely vulnerable to such attacks. "Many companies have older, vulnerable Windows platforms still embedded within energy facilities, and efforts to implement cybersecurity measures rarely move beyond the pilot-program stage," the Journal notes, based on its conversation with one expert. The systems were long thought to be safe because they weren't connected to the internet, but hackers have found ways to penetrate them anyway. The US has 2.5 million miles of pipelines, and the valves, sensors, and other devices that control them all are vulnerable.
• Remedies: The US government is temporarily relaxing fuel transportation rules as part of an "all-hands-on-deck" initiative, says Commerce Secretary Gina Raimondo. Longer term, the White House may roll out an executive order to required beefed-up security at utilities, notes the New York Times. But making such upgrades is much easier said than done, with the Journal noting that some operational protocols in use predate the internet. Expect the issue to become a point of contention in President Biden's $2 trillion infrastructure spending plan.
• On the rise: Don't expect this to be the last such attack in the near future. US officials "note that the frequency and sophistication of ransomware attacks has soared in recent months, targeting police departments, hospitals, and manufacturers," per the Times. Last year, hackers took down an unnamed natural gas facility for two days.

(More cyberattack stories.)