Colonial Pipeline, a top U.S. fuel pipeline operator, shut down its operations temporarily after being hit by a ransomware attack. The company stated the attack halted all pipeline operations and affected some of its IT systems.
“The Colonial Pipeline Company learned it was the victim of a cybersecurity attack. We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT systems. Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have launched an investigation into the nature and scope of this incident, which is ongoing. We have contacted law enforcement and other federal agencies,” the company said.
The Colonial Pipeline infrastructure is the source for half of the U.S. East Coast’s fuel supply. The temporary halt in its operations will affect supplies from Gulf Coast refining centers to major cities in the country, including Washington, D.C.; Baltimore; and Atlanta. The ransomware attack raised concerns over a fuel crunch and price hikes as Colonial froze fuel deliveries of 2.5 million barrels per day of gasoline, diesel, and jet fuel through 5,500 miles (8,850 km) of pipelines.
Is the DarkSide ransomware group involved?
Colonial engaged cybersecurity firms and third-party security experts to investigate the incident, and informed law enforcement and the Department of Energy about the attack.
While the investigation is in its early stages, several industry experts opine that the ransomware group DarkSide is likely behind the cyberattack. The DarkSide ransomware group is known for encrypting systems with ransomware and extorting victims to pay the ransom.
“Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline,” the company stated.
Rising Threats to Critical Infrastructures
The attack on Colonial illustrates how critical infrastructures become primary targets for cybercriminals. Earlier, a similar ransomware attack on a U.S. natural gas supplying facility brought its operations to a standstill for two days when the organization’s incident response team implemented a deliberate and controlled shutdown to contain the ransomware spread.