Kansas City

US pipeline company halts operations after cyberattack | News – Kansas City, Missouri

Kansas City, Missouri 2021-05-08 13:00:40 –

Washington (AP) — A cyberattack has forced a cyberattack to temporarily suspend all operations in its major pipeline, which supplies about 45% of all fuel consumed on the East Coast. Stated.

According to the Colonial Pipeline, the attack took place on Friday, affecting parts of the information technology system. The company transports gasoline, diesel, jet fuel and household kerosene primarily from its Gulf refineries through a pipeline from Texas to New Jersey.

The company, based in Alpharetta, Georgia, said it had hired an external cybersecurity company to investigate the nature and extent of the attack and also contacted law enforcement and federal agencies. Despite long-standing concerns that US adversaries could confuse US energy suppliers, ransomware attacks by criminal gangs are much more common and have surged recently.

“We are taking steps to understand and resolve this issue,” the Colonial Pipeline said in a statement late Friday, primarily “efforts to restore service safely and efficiently and return to normal operation.” The focus is on. We will work diligently on this issue to minimize confusion for our customers and those who rely on our colonial pipeline. “

Oil analyst Andy Lipou said the impact of the attack on fuel supply and prices depends on how long the pipeline is down. A one- or two-day outage is minimal, but a five- or six-day outage can cause shortages and price increases, especially in areas extending from central Alabama to the Washington, DC region, he said. ..

Lipou said the main concern about long-term delays was the supply of jet fuel needed to keep major airports operating, such as Atlanta and Charlotte, North Carolina.

The exact nature of the attack, such as who launched the attack and what motivated it, was unknown. A spokesman for the Colonial Pipeline did not say whether the company received a ransom demand, as is common in attacks from cybercriminal organizations.

Dragos, Inc., a leader in industrial control systems. Robert Lee, CEO of, said everything indicates a ransomware attack.

“The length of time they go down depends on how far and wide this is,” he said. If only the IT system is affected and the colonial is well prepared, the pipeline can be backed up and executed relatively quickly. However, he said it could take several days if the network that directly controls pipeline functions is affected.

“If it has an operational impact, it’s not unreasonable to suspend it for a long period of time, for a week or so. I don’t know yet,” Lee said.

Ransomware Scramble the victim’s organization data With encryption. The criminal leaves instructions on the infected computer on how to negotiate the ransom payment and provides the software decryption key when the payment is complete.

Mike Chapple, a professor of IT, analysis and operations at the University of Notre Dame’s Mendoza Business College and a former computer scientist at the National Security Agency, said that systems that control pipelines must not be connected to the Internet. He said it should be vulnerable to cyber intrusion.

“The attack was so sophisticated that it could either defeat a fairly high degree of security control or did not have adequate security control in place,” says Chapple.

Brian Bethoon, a professor of applied economics at Boston University, also said the impact on consumer prices should be short-lived unless the shutdown lasts for more than a week or two. “But it shows how vulnerable our infrastructure is to this type of cyberattack,” he said.

Mr Bethoon said the shutdown was occurring at a time when pandemic regulations were lifted, the economy resumed further, and energy prices were already rising. According to the AAA Automobile Club, the national average of 1 gallon of regular gasoline rose 4 cents from Monday to $ 2.94.

The Colonial Pipeline said it transports more than 100 million gallons of fuel daily through a pipeline system spanning more than 5,500 miles.

The FBI and the White House National Security Council did not immediately return a message asking for comment. The Federal Cyber ​​Security Infrastructure and Security Agency has queried the company questions about the incident.

Hackers’ unsuccessful attempts to poison water supplies in small Florida cities have warned of how vulnerable the country’s critical infrastructure is to attacks by more sophisticated intruders.

Anne Neuberger, National Security Adviser for the Biden administration’s cybersecurity and emerging technologies, said in an interview with the Associated Press in April that the government could potentially damage power companies, water districts and other important industries. He said he is working on new initiatives to protect against the cyberattacks he gives. .. She said the goal is to ensure that control systems that serve more than 50,000 Americans have the core technology to detect and block malicious cyber activity. ..

Since then, the White House has aimed to protect the country’s power system from cyberattacks by improving the ability of power plant and utility owners and operators to identify cyber threats to their networks. Announced daily initiatives. It contains specific milestones that enable you to use technology to detect and respond to intrusions in real time. The Justice Department has also announced a new task force to combat ransomware attacks. In this task force, hackers who demand payment from victims to release the data seize the data.

———

Suderman reported from Richmond, Virginia. Contributed by AP Economics writer Martin Crutsinger and technology writer Frank Bajak.

Copyright 2021 AP communication. all rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.



US pipeline company halts operations after cyberattack | News Source link US pipeline company halts operations after cyberattack | News

Back to top button