A major US fuel pipeline has been shut down after a ransomware attack on Friday, in an incident that underscores the vulnerabilities in America’s critical infrastructure.
The Colonial Pipeline — the country’s largest conduit for refined products, transporting almost half of the fuel consumed on the East Coast — remained closed on Saturday after its operator said it had fallen “victim to a cyber security attack”.
It said that the attack involved the use of ransomware — whereby hackers seize control of a victim’s computer systems or data by installing illicit software, and only release the assets once payment is made.
“In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems,” the Colonial Pipeline Company said.
A White House spokesperson said US president Joe Biden had been briefed on the issue and the federal government was “working actively to assess the implications of this incident, avoid disruption to supply, and help the company restore pipeline operations as quickly as possible”.
The attack on the line, which spans more than 5,500 miles from Pasadena, Texas to Linden, New Jersey and New York Harbor, comes amid growing concerns about cyber security vulnerabilities in America’s critical infrastructure after last year’s SolarWinds attack. In that incident, Russian hackers gained access to the US commerce and Treasury departments, among other government agencies.
The number of ransomware attacks has exploded in recent years as criminals have used cryptocurrencies such as bitcoin to receive extortion payouts without being tracked, and have increasingly rented out their expertise to others.
While such attacks have tended to target corporate IT systems, experts warn that instances targeting operational technology (OT) — the computerised systems used to control operations — are becoming more prevalent.
“US energy infrastructure is increasingly subject to damaging cyber attacks from Russian, Chinese and other hackers, so upgrading the security of American energy systems must be central to both Biden’s infrastructure goals and political messaging,” said Paul Bledsoe, an energy expert with the Progressive Policy Institute in Washington.
It is unclear whether the attackers are criminal groups — who tend to deploy ransomware for commercial gain — or state-backed hackers.
Colonial did not say how long the suspension of operations would last, or provide further details about the nature of the attack. A spokesperson on Saturday afternoon declined to comment further.
The company said it had contracted a third-party cyber security firm to investigate the incident, and contacted law enforcement and federal agencies.
The pipeline system transports more than 2.5m barrels of fuel a day — more than the UK’s entire daily consumption — feeding markets such as Atlanta, Washington and New York with gasoline, diesel, jet fuel and home heating oil refined on the Gulf coast. Much of the network was shut down in 2017 after tropical storm Harvey. Part of the conduit was also taken offline in 2016 after a leak was discovered.
Gasoline and diesel futures edged slightly higher on Friday. Analysts said there was potential for greater volatility when trading restarted on Sunday night if the pipeline was not quickly brought back online.
“For now, with a limited time shutdown, this shouldn’t be much of an issue and shouldn’t impact prices,” said Patrick de Haan, head of petroleum analysis at GasBuddy, a data provider.
“However, if for some reason the pipeline can’t be started in the next day or two, we could see prices drift higher. A bit early to tell, but right now leaning on this not being a price event or supply disruption.”
Analysts said fuel supplies in the north-east were less at risk in case of a prolonged shutdown as they could be supplemented by imports. But coastal states from Georgia up to the Delaware-Maryland-Virginia Peninsula were at greater risk of disruption.
“One clear worry has to do with news flow,” said Tom Kloza, global head of energy analysis at Opis, a division of IHS Markit. “A cyber attack on the country’s most vital pipeline will be a headline story through Monday. It could promote a spike in consumer purchases of gasoline in the areas served by the line.”
Biden has proposed a $2tn package to reboot America’s ailing infrastructure, but the plan makes no mention of pipeline infrastructure — a flashpoint for protests by environmental activists.
Ben Sasse, a Republican senator from Nebraska, who sits on the Senate intelligence committee, said the Colonial attack made clear the federal government should prioritise “critical sectors” such as fossil fuel transportation “rather than progressive wishlists masquerading as infrastructure”.
“This is a play that will be run again, and we’re not adequately prepared,” he said.