Wednesday,  December 11 , 2024

Linkedin Pinterest
News / Business

FBI names pipeline cyberattackers as company promises return

By Associated Press
Published: May 10, 2021, 1:45pm
2 Photos
FILE - In this Sept. 8, 2008 file photo traffic on I-95 passes oil storage tanks owned by the Colonial Pipeline Company in Linden, N.J. A major pipeline that transports fuels along the East Coast says it had to stop operations because it was the victim of a cyberattack.
FILE - In this Sept. 8, 2008 file photo traffic on I-95 passes oil storage tanks owned by the Colonial Pipeline Company in Linden, N.J. A major pipeline that transports fuels along the East Coast says it had to stop operations because it was the victim of a cyberattack. Colonial Pipeline said in a statement late Friday that it "took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems." (AP Photo/Mark Lennihan, File) Photo Gallery

WASHINGTON — Hit by a cyberattack, the operator of a major U.S. fuel pipeline said Monday it hopes to have services mostly restored by the end of the week as the FBI and administration officials identified the culprits as a gang of criminal hackers.

Colonial Pipeline, which delivers about 45% of the fuel consumed on the East Coast, halted operations last week after revealing a ransomware attack that it said had affected some of its systems. On Monday, U.S. officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not been disrupted, and the company said it was working toward “substantially restoring operational service” by the weekend.

Nonetheless, the attack underscored the vulnerabilities of the nation’s energy sector and other critical industries whose infrastructure is largely privately owned. Ransomware attacks are typically carried out by criminal hackers who scramble data, paralyzing victim networks, and demand large payments to decrypt it.

The Colonial attack was a potent reminder of the real-world implications of the burgeoning threat. Even as the Biden administration works to confront organized hacking campaigns sponsored by foreign governments, it must still contend with difficult-to-prevent attacks from cybercriminals.

“We need to invest to safeguard our critical infrastructure,” President Joe Biden said Monday.

The attack came as the administration, still grappling with its response to massive breaches by Russia of federal agencies and private corporations, works on an executive order aimed at bolstering cybersecurity defenses. The Justice Department, meanwhile, has formed a ransomware task force designed for situations just like Colonial Pipeline, and the Energy Department on April 20 announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. Similar actions are planned for other critical industries.

Despite that, the challenge facing the government and the private sector remains immense.

In this case, the FBI moved with unusual speed to pinpoint blame, saying the criminal syndicate whose ransomware was used in the attack is named DarkSide. The group’s members are Russian speakers, and the syndicate’s malware is coded not to attack networks using Russian-language keyboards.

Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, said at a briefing that the group emerged just months ago. She said its business model is to demand ransom payments from victims and then split the proceeds, relying on what she said was a “new and very troubling variant.”

She declined to say if Colonial Pipeline had paid any ransom, and the company has not given any indication of that one way or the other. Though the FBI has historically discouraged victims from making payments for fear of promoting additional attacks, she acknowledged “the very difficult” situation that victims face and said the administration needs to look “thoughtfully at this area” of how best to deter ransomware.

Neuberger said the administration is committed to leveraging the government’s massive buying power to ensure that software makers make their products less vulnerable to hackers.

“Security can’t be an afterthought,” Neuberger said at a conference on national security Monday. “We don’t buy a car and only then decide if we want to pay for seatbelts and airbags.”

The U.S. sanctioned the Kremlin last month for a hack of federal government agencies that officials have linked to a military intelligence unit and described as an intelligence-gathering operation. In this case, though, the hackers are not known to be working at the behest of any foreign government.

The group posted a statement on its dark web site describing itself as apolitical. “Our goal is to make money, and not creating problems for society,” DarkSide said.

Stay informed on what is happening in Clark County, WA and beyond for only
$99/year

Asked Monday whether Russia was involved, Biden said, ”“I’m going to be meeting with President (Vladimir) Putin, and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there is evidence that the actors, ransomware, is in Russia.

“They have some responsibility to deal with this,” he added.

U.S. officials have sought to head off anxieties about the prospect of a lingering economic impact and disruption to the fuel supply, especially given Colonial Pipeline’s key role in transporting gasoline, jet fuel, diesel and other petroleum products through 10 states between Texas and New Jersey.

Colonial is in the process of restarting portions of its network. It said Monday that it was evaluating the product inventory in storage tanks at its facilities. Administration officials stressed that the company proactively took some of its systems offline, as opposed to hackers doing it, and that its operating systems were spared.

In response to the attack, the administration loosened regulations for the transport of petroleum products on highways as part of an “all-hands-on-deck” effort to avoid disruptions in the fuel supply.

“The time of the outage is now approaching critical levels and if it continues to remain down we do expect an increase in East Coast gasoline and diesel prices,” said Debnil Chowdhury, IHS Markit Executive Director. The last time there was an outage of this magnitude was in 2016, he said, when gas prices rose 15 to 20 cents per gallon. But the Northeast had significantly more local refining capacity at that time, potentially intensifying any impact.

If the pipeline outage persists, the industry may want to turn to barges to transport fuel, but that could require a waiver of the Jones Act, a U.S. maritime law that requires products shipped between U.S. ports to be moved by American-flagged ships.

The pipeline utilizes both common and custom technology systems, which could complicate efforts to bring the entire network back online, according to analysts at Third Bridge.

Gasoline futures ticked higher Monday. Futures for crude and fuel, prices that traders pay for contracts for delivery in the future, typically begin to rise anyway each year as the driving season approaches. The price you pay at the pump tends to follow.

The average U.S. price of regular-grade gasoline has jumped 6 cents over the past two weeks, to $3.02 per gallon, which is $1.05 higher than a year ago. The year-ago numbers are skewed somewhat because the nation was going into lockdown due to the pandemic.

The attack on the Colonial Pipeline could exacerbate the upward pressure on prices if it is unresolved for a period of time.

Support local journalism

Your tax-deductible donation to The Columbian’s Community Funded Journalism program will contribute to better local reporting on key issues, including homelessness, housing, transportation and the environment. Reporters will focus on narrative, investigative and data-driven storytelling.

Local journalism needs your help. It’s an essential part of a healthy community and a healthy democracy.

Community Funded Journalism logo
Loading...