US EXPLAINER: What's next for pipelines after Colonial hack
What we know about the Colonial Pipeline ransomware cyberattack
What we know about the Colonial Pipeline cyberattack. The latest on who is behind it, how it could impact gas prices and more. Colonial Pipeline said on Saturday that it was the victim of a cyberattack involving ransomware and had "proactively" halted all pipeline operations as a result. The 5,500-mile pipeline system transports approximately 45% of all fuel consumed on the East Coast, according to its website, and runs from Texas to New Jersey.
WASHINGTON (AP) — The nation’s largest fuel pipeline is flowing again after the company that runs it it was hit by a gang of hackers. But long lines remain at gas stations throughout the Southeast. That's because drivers are buying more gasoline then they need, draining supplies at filling stations. Plus, there are logistical hurdles slowing fuel deliveries of fuel from the Colonial Pipeline.
The incident was one of a series of wake-up calls about the growing threat hackers pose to the nation's critical infrastructure., where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, have hit thousands of businesses and hundreds of health care centers in the U.S. in the past year.
Hillicon Valley: Colonial Pipeline attack underscores US energy's vulnerabilities | Biden leading 'whole-of-government' response to hack | Attorneys general urge Facebook to scrap Instagram for kids
Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter by clicking HERE. Welcome! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.The nation's oil and gas sector was left reeling from a ransomware attack late last week that caused Colonial Pipeline to shut down operations that provide around 45 percent of the East Coast's oil.
Questions remain about what steps companies or government officials should take to buttress defenses against cyberattacks.
WHEN WILL FUEL SUPPLIES GET BACK TO NORMAL?
Colonial restarted its pipeline late Wednesday, which means fuel is now running between refineries in Houston and Southeast states. But it will take a few days or weeks for everything to get back to normal.
Gas stations in the Southeast should open for business and well supplied next week, but only if the pipeline operates as planned and consumers stop hoarding fuel, said Richard Joswick, global head of oil analytics at S&P Global Platts. When the panic passes, people will have full tanks and demand will drop, but “people have to convinced that they don’t have to panic buy,” Joswick said.
Overnight Energy: 5 takeaways from the Colonial Pipeline attack | Colonial aims to 'substantially' restore pipeline operations by end of week | Three questions about Biden's conservation goals
HAPPY MONDAY. Welcome to Overnight Energy, your source for the day's energy and environment news.Please send tips and comments to Rachel Frazin at firstname.lastname@example.org . Follow her on Twitter: @RachelFrazin . Reach Zack Budryk at email@example.com or follow him on Twitter: @BudrykZack . Signup for our newsletter and others HERE. Today it's pipelines all the way down as we examine what you need to know about the cyberattack that's haltedToday it's pipelines all the way down as we examine what you need to know about the cyberattack that's halted operations at a pipeline serving 45 percent of people on the East Coast, plus a look at President Biden's conservation plan.
There's also the matter of getting fuel from the pipeline to the pumps.
Different types of fuel — including gasoline, jet fuel and diesel — are moved through the pipeline system, and they can’t all be flowing through the same pipes at the same time. One of the main arteries from Houston to North Carolina moves different grades of gasoline, sending a batch of premium grade followed by regular, Joswick explained.
Another artery transports diesel, jet and home-heating fuel. Then there's a labyrinth of storage tanks and smaller pipelines that are loaded and unloaded with different types of fuel.
Trucks deliver fuel at different points along the way, and with a national trucker shortage, it isn’t easy for trucks to pick up all the slack.
Russia Denies Involvement in Colonial Pipeline Cyber Attack: Kremlin
President Joe Biden said that although U.S. intelligence had found no evidence to link the attack with the Russian government, he believed the country had "some responsibility to deal with" the issue.The pipeline, which stretches more than 5,500 miles and carries 45 percent of the East Coast's supply of diesel, petrol and jet fuel, was taken offline over the weekend, disrupting fuel supply across eastern parts of the country and pushing prices up.
“The supplies themselves really aren’t the issue, it's more the transportation,” said Akshaya Jha, assistant professor of economics and public policy at Carnegie Mellon University. “It’s really going to be transportation bottleneck.”
Prices for gasoline have spiked in some areas, and were already on the rise heading into the busy summer driving season, but those local price hikes are isolated and not likely to last, experts say.
WHAT HAPPENS NEXT TO COLONIAL PIPELINE?
After the dust has settled, Congress is likely to call hearings to question Colonial Pipeline executives and cybersecurity experts to help figure out what went wrong and how events like this could be prevented in the future. An outsidepractices three years ago found glaring problems.
The chairman of the Federal Energy Regulatory Commission, Richard Glick, said the government should create and enforce mandatory pipeline-security standards similar to those that have been required of the electricity sector for more than a decade.
Colonial Pipeline ransomware hack and gas shortage: What you need to know
A weekend shutdown of the pipeline is still playing out along the East Coast.Colonial Pipeline was the target of a ransomware attack that forced it to shut down operations.
And members of the House Energy Committee re-introduced bills this week aiming to strengthen the Department of Energy's ability to respond to cybersecurity threats and to encourage more coordination between the federal government and utilities.
Some might want regulators to ease permitting procedures so that more pipelines can be built, to boost reliability of supply. But there may be reluctance to facilitate building alternate pipeline routes, since President Joe Biden has made it clear that he wants to transition away from fossil fuels as quickly as possible, in favor of clean energy such as wind and solar.
“There’s going to be that tradeoff between making the permitting process easier, on the one hand, in order to get these pipelines built and then, on the other hand, should we be building these pipelines at all if we want to move away from fossil fuels?” Jha said.
When proposals are made on the state or federal level to combat cybersecurity threats, it's important to remember that one size does not fit all, said Drue Pearce, director of government affairs at Holland & Hart, and former deputy administrator of the Pipeline Hazardous Materials Safety Administration at the U.S. Department of Transportation. What fits the bigger players doesn't necessarily work for smaller ones, so it's difficult to write policies that work for everyone, she said.
Republicans blame Biden climate agenda for gas shortages
Republican politicians are linking this week’s gasoline shortages and price spikes to President Joe Biden’s moves to curb fossil fuel use as part of his aggressive climate agenda. © Provided by Washington Examiner “The Colonial Pipeline crisis shows that we need more American energy to fuel our economy, not less,” said House Republican Leader Kevin McCarthy of California in a tweet Tuesday. “But the Biden Administration has already canceled the Keystone Pipeline and paused oil and gas drilling, leaving our energy supply more vulnerable to attacks.
Pipelines and other companies that transport hazardous materials "get an incredible number of hacking attempts on a daily basis, already," Pearce said. ”You don’t know which ones are ransomware, you don’t know which one is a 13-year-old sitting at home wondering if he can break into this thing."
WHAT IS THE BIDEN ADMINISTRATION DOING?
There’s been a lot of activity in the last month aimed at strengthening the country’s cyber-defenses, most notably an executive order signed by Biden on Wednesday that would require all federal agencies to use basic cybersecurity measures and mandate new security standards for software makers that contract with the federal government.
The order also establishes a cybersecurity safety review board, creates a pilot program rating system to evaluate the security of software and establishes what officials say will be a standardized playbook for cyber responses.
The executive order is meant to fix what a senior administration official on Wednesday described as a “laissez faire” approach to cybersecurity. It is also intended to address some of the vulnerabilities exposed by recent major breaches, including the SolarWinds intrusion in which Russian hackers compromised federal agencies by targeting the software supply chain.
The Justice Department, meanwhile, has created a task force with the FBI to deal with ransomware, and the administration says it is taking steps to protect critical industries like the energy sector.
WHO WAS RESPONSIBLE FOR THE HACK AND WHERE ARE THEY?
The FBI has linked the ransomware to a Russian-speaking criminal syndicate known as DarkSide that has been on investigators’ radar for months.
Biden said Thursday said that the administration does not believe the Russian government was involved in the attack but that “we do have strong reason to believe that the criminals who did the attack are living in Russia. That’s where it came from.” He said the administration had been in touch with Moscow about the need to take action against ransomware operators.
“And we’re also going to pursue a measure to disrupt their ability to operate,” he added.
Bussewitz reported from New York.
Colonial Pipeline attack: A 'wake up call' about the threat of ransomware .
A relatively unsophisticated ransomware attack that caused a days-long shutdown of America's largest fuel pipeline last week — resulting in gas shortages, spiking prices and consumer panic — is exactly the sort of situation that cybersecurity experts have warned about for years. © Samuel Corum/Bloomberg/Getty Images A Colonial Pipeline Co. storage tank at a facility in the Port of Baltimore in Baltimore, Maryland, U.S., on Tuesday, May 11, 2021. And it could have been worse, said Nick Merrill, a researcher with the Center for Long-Term Cybersecurity at the UC Berkeley School of Information.