An emergency declaration has been issued for 18 states after a cyber attack knocked out America’s largest gasoline pipeline.
Friday night’s hack of Colonial Pipeline, which supplies gasoline, diesel and jet fuel across 5,500 miles to the East Coast, is believed to be the largest successful assault on US energy infrastructure in history.
The firm said it was the victim of ransomware – a technique where the victim’s computer systems are encrypted and then payment is demanded to unlock them.
Government sources told Reuters that DarkSide, a Russian hacking outfit, were among the suspects.
Commerce Secretary Gina Raimondo warned yesterday that technological attacks such as these were ‘here to stay.’
‘This is what businesses now have to worry about,’ she said. ‘Unfortunately, these sorts of attacks are becoming more frequent … and we have to work in partnership with business to secure networks to defend ourselves.’
The emergency declaration allows for fuel to be transported by road to the affected states: Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
The declaration also provides regulatory relief to commercial motor vehicle operations that are part of the emergency support efforts.
Colonial said earlier Sunday that it had opened some smaller delivery lines, but the main system was not yet back up and running.
‘While our mainlines remain offline, some smaller lateral lines between terminals and delivery points are now operational,’ Colonial said in a statement, adding it would ‘bring our full system back online only when we believe it is safe to do so.’
‘We have remained in contact with law enforcement and other federal agencies, including the Department of Energy who is leading the Federal Government response,’ it added.
‘Maintaining the operational security of our pipeline, in addition to safely bringing our systems back online, remain our highest priorities.’
Bloomberg News, citing people familiar with the matter, said hackers took nearly 100 gigabytes of data out of Colonial’s network on Thursday, a day ahead of the pipeline shutdown, before demanding a ransom.
Colonial has not said whether it has paid or is negotiating a ransom.
Experts said that the incident should serve as a wake-up call to companies about the vulnerabilities they face. Sen. Bill Cassidy said: ‘The implications for this, on our national security, cannot be overstated.’
A prolonged shutdown of the line, described as the ‘jugular of infrastructure’ by one analyst, would cause prices to spike at gasoline pumps ahead of peak summer driving season, a potential blow to U.S. consumers and the economy.
What is DarkSide?
DarkSide is a group of hackers that first emerged in August 2020 with a press release declaring their formation.
Since then, they have become known for their professional operations and large ransoms.
The group has a phone number and even a help desk to facilitate negotiations with victims.
Believed to be based in Russia, they have targeted Enterprise rental cars, Canadian real estate firm Brookfield Residential and an Office Depot subsidiary.
They have publicly stated that they prefer not to attack hospitals, schools, non-profits, and governments. They instead go after big organizations that can afford to pay large ransoms, and they donate a portion of their take to charity.
‘Before any attack, we carefully analyze your accountancy and determine how much you can pay based on your net income,’ the press release reads.
They avoid targets in former Soviet states.
DarkSide finds vulnerabilities in a network, gains access to administrator accounts, and then harvests data from the victim’s server and encrypts it, data security firm Arete says.
The software leaves a ransom note text file with demands.
Ransoms average more than $6.5 million.
The attacks lead to an average of five days of downtime for the business.
The hackers are likely a professional cybercriminal group, and a group dubbed ‘DarkSide’ was among the potential suspects, two U.S. government officials told Reuters.
DarkSide is known for deploying ransomware and extorting victims – while avoiding targets in post-Soviet states. It is believed to be based in Russia.
DarkSide first emerged in August 2020, and has used its ransomware on companies including CompuCom, an Office Depot subsidiary, as well as a Canadian division of rental car company Enterprise.
According to data security firm Arete, DarkSide finds vulnerabilities in a network, gains access to administrator accounts, and then harvests data from the victim’s server and encrypts it.
Ransoms average more than $6.5 million, Arete said, and the attacks lead to an average of five days of downtime for the business.
There are now fears of a major spike in gas, oil and diesel prices after the ‘jugular’ of the U.S. fuel pipeline system was forced to suspend operations.
The Colonial Pipeline is responsible for transporting more than 100 million gallons of fuel – 2.5 million barrels – daily through pipelines laid out between Texas and New Jersey.
It also serves some of the largest U.S. airports, including Atlanta’s Hartsfield Jackson Airport, the world’s busiest by passenger traffic.
One energy expert told Politico it is ‘the most significant and successful attack on energy infrastructure we know of in the United States.’
The Georgia-based company has hired an outside cybersecurity firm to investigate the nature and scope of the attack and federal agencies have been called in to assist.
Other experts predict that a prolonged shutdown could cause a surge in the price of gas, oil and diesel – particularly across the eastern half of the country.
One told Newsweek that motorists should expect a price surge at the pump if the outage lasts five or more days, which would result in a shortage.
Average US price of gas jumps 6 cents per gallon to $3.02
The average US price of regular-grade gasoline jumped 6 cents over the past two weeks, to $3.02 per gallon.
Industry analyst Trilby Lundberg of the Lundberg Survey said Sunday that the increase came as the costs of crude oil and ethanol also rose. Ethanol must be blended by refiners into gasoline, per federal rules.
The price at the pump is $1.05 higher than it was a year ago.
The highest average price in the nation right now is $4.16 a gallon in the San Francisco Bay Area. The lowest average is $2.55 in Baton Rouge, Louisiana.
The average price of diesel is up 2 cents over the same period, to $3.16.
However, another energy analyst is pleading for calm at the present moment.
‘The challenges brought on by the Colonial Pipeline shut down would likely not appear for several days or longer,’ Patrick De Haan told the publication.
‘My guess is they’ll be able to restart the pipeline before any major issues develop.’
The price of diesel, gas and oil previously spiked in 2017, following a temporary shutdown of the Colonial Pipeline caused by a leak.
Colonial Pipeline is responsible for the largest spill in North Carolina’s history and one of the largest in the country’s history, when 1.2 million gallons flowed out in Huntersville in August 2020.
It was discovered only because two teenagers stumbled across the site and reported it.
However, this deliberate and nefarious attack has many alarmed at the security vulnerabilities of utility companies which provide essential services to the American people.
Mike Chapple, teaching professor of IT, analytics and operations at the University of Notre Dame’s Mendoza College of Business and a former computer scientist with the National Security Agency, said systems that control pipelines should not be connected to the internet and vulnerable to cyber intrusions.
‘The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren’t in place,’ Chapple said.
Anne Neuberger, the Biden administration’s deputy national security adviser for cybersecurity and emerging technology, said in an interview with The Associated Press back in April that the government was undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks.
She said the goal was to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity.
Since then, the White House has announced a 100-day initiative aimed at protecting the country’s electricity system from cyberattacks by encouraging owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats to their networks.
It includes concrete milestones for them to put technologies into use so they can spot and respond to intrusions in real time.
The Justice Department has also announced a new task force dedicated to countering ransomware attacks in which data is seized by hackers who demand payment from victims in order to release it.