Cyberattack Forces a Shutdown of a Top U.S. Pipeline Operator [View all]

Source: New York Times

A cyberattack forced the shutdown of one of the largest pipelines in the United States, in what appeared to be a significant attempt to disrupt vulnerable energy infrastructure. The pipeline carries refined gasoline and jet fuel up the East Coast from Texas to New York. The operator of the system, Colonial Pipeline, said in a statement late Friday that it had shut down its 5,500 miles of pipeline, which it says carries 45 percent of the East Coast’s fuel supplies, in an effort to contain the attack on its computer networks.

Earlier Friday, there were disruptions along the pipeline, but it was unclear whether that was a direct result of the attack. Colonial’s pipeline transports 2.5 million barrels each day, taking refined gasoline, diesel fuel and jet fuel from the Gulf Coast up to New York Harbor and New York’s major airports. Most of that goes into major storage tanks, and with energy use depressed by the pandemic, the attack was unlikely to cause any immediate disruptions. In the statement, the company said that it learned on Friday that it “was the victim of a cybersecurity attack,” but it provided no details.

Such an attack could involve malware that shut down its operations or ransomware demanding payment to unlock computer files or systems. “In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our I.T. operations,” the company said, referring to information technology systems. It said it had contacted law enforcement and other federal agencies. The F.B.I. leads such investigations, but critical infrastructure is the responsibility of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

The breach comes just months after two major attacks on American computer networks — the SolarWinds intrusion by Russia’s main intelligence service, and another against a Microsoft email service that has been attributed to Chinese hackers — that have illustrated the vulnerability of the networks on which the government and corporations rely. While both of those attacks appeared aimed, at least initially, on the theft of emails and other data, the nature of the intrusions created “back doors” that experts say could ultimately enable attacks on physical infrastructure. So far, neither effort is thought to have led to anything other than data theft.

Read more: https://www.nytimes.com/2021/05/08/us/cyberattack-colonial-pipeline.html