The U.S. gas pipeline responsible for providing approximately 45 percent of the fuel supply to the eastern and southern regions of the U.S. has been shut down after falling victim to a ransomware attack.
On Friday, May 7, Colonial Pipeline Company released a statement indicating they suspended all pipeline operations and shut down several IT systems as a proactive measure in the wake of a ransomware cyber attack. An overseas group referred to as DarkSide has claimed responsibility for what is believed to be the largest, most successful infrastructure attack on the U.S., which resulted in a rare State of Emergency declaration issued by the federal government.
Colonial Pipeline Company transports approximately 2.5 million barrels of gasoline, jet fuel, diesel, and other refined products through 5,500 miles of pipelines each day. The pipelines extend from the Gulf Coast to New York making it the largest U.S. pipeline and a critical part of the petroleum infrastructure.
(The Colonial Pipeline Map / Photo courtesy of Colonial Pipeline Company)
The attack has shed a very bright light on the vulnerabilities of U.S. cyber security infrastructure in addition to the growing target of critical systems and operations. It comes in the wake of other recent attacks which impacted the Washington D.C. police department, manufacturing companies, and hospitals treating COVID-19 patients.
This surge in sophisticated attacks has many experts calling for action to repair what is said to be a broken security model which often results in cascading effects to vital operational practices. In an effort to bolster the fight against ransomware and cyber attacks, the Department of Homeland Security is offering incentives to the private sector who take initiative to strengthen their cyber security efforts.
In addition to exposing security vulnerabilities, the attack could have serious impacts on consumer gas prices if the shutdown extends past five days. This comes at a crucial time in the U.S. as many COVID restrictions are beginning to lift and travel is expected to surge.
Government officials and a third-party cyber security firm are actively working with Colonial Pipeline to restore service and are evaluating how deeply the ransomware infected Colonial’s systems. If operational systems running the pipelines were impacted, the shutdown could last anywhere from several days to several weeks.
With the sophistication and complexity of cyber attacks growing, the need for well-trained offensive and defensive experts is growing too. INE offers a practical approach to cyber security training and allows students to learn red and blue team tactics while getting hands-on in our virtual lab environments. Get started today!