Ransomware Takes Down East Coast Fuel Pipeline

The US government has been forced to issue emergency legislation after a ransomware attack knocked offline the country’s largest fuel pipeline.

Colonial Pipeline confirmed over the weekend that it had suffered a serious cyber-attack.

“Quickly after learning of the attack, Colonial proactively took certain systems offline to contain the threat. These actions temporarily halted all pipeline operations and affected some of our IT systems, which we are actively in the process of restoring,” it said in an update on Sunday.

“While our mainlines (Lines 1, 2, 3 and 4) remain offline, some smaller lateral lines between terminals and delivery points are now operational. We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations.”

The government legislation is designed to relax rules restricting the transportation of fuel by road.

However, if the outage persists there are likely to be shortages and price rises across the 12 states the pipeline travels through and beyond. Reports suggest it carries 2.5 million barrels a day, representing nearly half of the East Coast’s supply of diesel, gasoline and jet fuel.

According to the BBC, the attack was launched by the Russian-speaking DarkSide group, who claim to have also stolen 100GB of data in a classic “double extortion” play.

“Being able to take systems offline and begin a process of restoration is undeniably important, but there is an additional threat if this data is exposed. It underlines the importance of international collaboration to bring down these highly coordinated groups early in their development if we want to protect our critical services,” argued Nominet government cybersecurity expert, Steve Forbes.

“As we watch the domino effect of this cyber-attack, it is very apparent that impact is not limited to systems and software — victims will come in all shapes and sizes, from industries to individuals.”

What’s Hot on Infosecurity Magazine?