EDITOR NOTE: You’ve probably heard about the cyberattack on Colonial Pipeline, which is the biggest pipeline supplier of gasoline to the East Coast. It was forced to shut down operations on Friday and has yet to announce when the pipeline will be reopened. On one hand, such an attack brings immediate attention to the importance of cybersecurity--a seemingly perpetual battle space that seems only to escalate. On the other hand, it indirectly highlights the risks of a fully digitized monetary space. The culprit of this latest attack--a group called DarkSide--is known for seeding malicious ransomware requesting payment in cryptocurrency from its victims. In a monetary space that’s 100% digitized, money can be extracted through theft or ransom as quickly as it can disappear. There is no geographical distance to travel; no physical barriers to overcome. Should cyberspace grow so vulnerable to such costly intrusions, the only reliable counter-strategy, successful or not, may likely be worse than the crime: 100% surveillance of all digital transactions and participants. It would be the end of freedom and privacy for the sake of allowing money to shed its skin of physical inconvenience and inefficiency.
The operator of the biggest gasoline pipeline in the U.S. shut down operations late Friday following a ransomware attack that threatens to roil energy markets and upend the supply of gas and diesel to the East Coast.
Colonial Pipeline said in a statement Saturday that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.” It’s working to get business back to normal.
The cybersecurity firm FireEye Inc. said its Mandiant incident response division is assisting with the investigation. President Joe Biden, who’s spending the weekend at Camp David, was briefed on the incident Saturday morning, the White House said.
Colonial is a key artery for the eastern half of the U.S. It’s the main source of gasoline, diesel and jet fuel for the East Coast with capacity of about 2.5 million barrels a day on its system from Houston as far as North Carolina, and another 900,000 barrels a day to New York.
The attack appeared to use a ransomware group called DarkSide, according to Allan Liska, senior threat analyst at cybersecurity firm Recorded Future.
Hacking threats to critical infrastructure have been growing, prompting the White House to respond last month with a plan to try to increase the security of utilities and their suppliers. Pipelines are a specific concern because they play a central role in so many parts of the U.S. economy.
The latest attack comes as the nation’s energy industry gears up for summer travel and stronger fuel demand as pandemic economic restrictions are eased. It’s also an unpleasant reminder of how a cyber-attack brought down the communications systems of several U.S. natural gas pipeline operators in 2018.
The federal government is assessing the implications of the incident, including how to avoid disruptions to supply and help the company restore operations as quickly as possible, a White House spokesperson said.
The U.S. Department of Energy said it’s “monitoring any potential impacts” to supplies, while the Federal Energy Regulatory Commission said it’s in “communication with other federal agencies, and we are working closely with them to monitor developments” following the cyber-attack.
The federal government is also working with state and local authorities on potential additional steps.
When Colonial is running, fuel travels between three and five miles per hour through it. But a long-term shutdown could leave the Northwest more dependent on supplies delivered by tanker. And it could take those cargoes 10 to 14 days to make the voyage to the New York harbor, according to a research note from ClearView Energy Partners.
Other options, such as tapping an emergency federal stockpile of refined products in the Northeast, are “little more than a Band-Aid,” ClearView said. That gasoline supply reserve holds just 1 million barrels of gasoline in New York, Boston and Maine, the analysts noted.
Ransomware cases involve hackers seeding networks with malicious software that encrypts the data and leaves the machines locked until the victims pay the extortion fee, which can range from a few hundred dollars to millions of dollars in cryptocurrency.
Utilities’ information technology networks, which run email and other routine functions, and operational technology networks, which control the actual functioning of the delivery of electricity or natural gas, are typically kept mostly separate, which is what makes Colonial’s decision to temporarily shut down both so unusual.
Original post from Bloomberg