US Gas Price Spike Feared as Ransomware Attack Shuts Colonial Pipeline Network

03:15  09 may  2021
03:15  09 may  2021 Source:   newsweek.com

Ransomware is now a national security risk. This group thinks it knows how to defeat it

  Ransomware is now a national security risk. This group thinks it knows how to defeat it Recommendations ranging from additional support for victims to regulating Bitcoin to prevent it being used to extort payment aim to help protect society as a whole from being plagued by ransomware attacks.Ransomware is a growing international problem and it needs global cooperation in order to prevent attacks and take the fight to the cyber criminals behind the disruptive malware campaigns.

Colonial shut down its gasoline and distillate lines during Hurricane Harvey, which hit the Gulf Coast in 2017. That contributed to tight supplies and gasoline price rises in the United States after the hurricane forced many Gulf refineries to shut down. While there have long been fears about US adversaries disrupting American energy suppliers, criminal ransomware attacks are much more common and have become increasingly common. The attack comes after news of the Biden administration’s 100-day plan to protect the nation’s critical infrastructure against cybersecurity threats.

Cyber attackers who shut down one of the US’ main fuel pipelines used so-called ransomware to lock up the system. Moving 100 million gallons of fuel a day, the pipeline is a critical target. A gasoline and diesel pipeline running the length of the US East Coast was temporarily shut down following a cyber attack on Friday. The pipeline ’s operator, the Colonial Pipeline Company, released a statement on Friday night acknowledging the “cybersecurity attack ” and announcing that “all pipeline operations” had been halted in response.

Fears of spiked gas, oil and diesel prices struck the eastern United States after a Friday night ransomware cyberattack shut a pipeline overseen by company Colonial Pipeline. Energy, oil and gas analysts immediately cautioned that any prolonged outage on the 5,500 miles of pipeline could cause major disruptions and a spike in gas pump prices along the East Coast.

a hand holding a green object: A hand holds a gas pump while fueling a car in this undated file photo. © Muhammet Akbulut/Getty A hand holds a gas pump while fueling a car in this undated file photo.

Colonial Pipeline, the country's largest refined products pipeline operator, has not said who they suspect carried out the cyberattacks that typically involve criminal hackers seizing data and demanding payment for its return.

What is ransomware? Everything you need to know about one of the biggest menaces on the web

  What is ransomware? Everything you need to know about one of the biggest menaces on the web Updated: Everything you need to know about ransomware: how it started, why it's booming, how to protect against it.What is ransomware?

Source: Colonial Pipeline . The attack appeared to use a ransomware group called DarkSide, according to Allan Liska, senior threat analyst at cybersecurity firm Recorded Future. Hacking threats to critical infrastructure have been growing, prompting the White House to respond last month with a plan to try to increase the Colonial gave an indication during Friday trading that it was having network issues, while two people familiar said they were having a hard time submitting refined product batches, updates or changes to batch deliveries and nominations using their Colonial Pipeline website access.

Top U.S. fuel pipeline operator Colonial Pipeline has shut its entire network after a cyberattack, the company said in a statement on Friday. Colonial 's network supplies fuel from U.S refiners on the Gulf Coast to the populous eastern and southern United States. The company transports 2.5 million Colonial Pipeline says it transports 45 percent of East Coast fuel supply. In a subsequent statement Saturday it blamed ransomware . "We have since determined that this incident involves ransomware ," Colonial Pipeline said. "In response, we proactively took certain systems offline to contain the threat

Gas and diesel prices have spiked during Colonial shuts before, including a 2017 leak that led to extreme price gouging in the days which followed. But many oil and gas experts were optimistic Saturday morning that no gas price spike would occur for U.S. drivers and truckers if the shut was only temporary.

"The challenges brought on by the Colonial Pipeline shut down would likely not appear for several days or longer. My guess is they'll be able to restart the pipeline before any major issues develop. This should NOT be a pricing event- but this may be a supply event," remarked Patrick De Haan, an oil and refined products expert. "By 'pricing event' I meant not one motorists will generally 'see' that is, not an overnight spike."

Oil analyst Andy Lipow told the Associated Press that the length of the pipeline shut is crucial, with an outage of five to six days potentially causing shortages and price hikes for motorists ranging from central Alabama up to Washington D.C.

EXPLAINER: Why the Colonial Pipeline hack matters

  EXPLAINER: Why the Colonial Pipeline hack matters NEW YORK (AP) — A cyberattack on a critical U.S. pipeline is sending ripple effects across the economy, highlighting cybersecurity vulnerabilities in the nation's aging energy infrastructure. The Colonial Pipeline, which delivers about 45% of the fuel used along the Eastern seaboard, shut down Friday after a ransomware attack by gang of criminal hackers that calls itself DarkSide. Depending on how long the shutdown lasts, the incident could impact millions of consumers. © Provided by Associated Press FILE - In this Sept. 20, 2016 file photo vehicles are seen near Colonial Pipeline in Helena, Ala.

(Bloomberg) -- Colonial Pipeline is working to restore operations after a cyber- attack prompted the company to take its systems offline, threatening the supply of refined petroleum products to gas stations in major cities on the U.S. eastern seaboard. Colonial , which runs the largest U.S. gasoline and diesel pipeline system, has hired a third-party cybersecurity firm to investigate and contacted law enforcement and other federal agencies. It’s trying to minimize disruption to customers, the company said in a statement late Friday.

The operator, Colonial Pipeline , which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor, according to its website, said it learned of the cyberattack on Friday, causing them to pause operations. "In response, we proactively took certain The attack comes amid rising concerns over the cybersecurity vulnerabilities in America's critical infrastructure following recent incidents, and after the Biden administration last month launched an effort to beef up cybersecurity in the nation's power grid, calling for industry leaders to install technologies

Video: Cyberattack halts major US gas pipeline system (ABC News)

Another U.S. energy company told the AP that it was forced to "temporarily halt" all operations on a pipeline that delivers about 45 percent of all fuel consumed by Eastern Seaboard states.

The last reported shut of the pipeline was in October 2020 during Hurricane Delta. The Colonial shut its main distillate fuel line down on October 11 after the hurricane disrupted electric power and halted transport between Houston and Greensboro, North Carolina.

Colonial Pipeline announced Saturday morning that its working to restore operations and hired a third-party cybersecurity firm to investigate the targeted ransomware attack. Colonial issued a statement saying it "proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, affected some of our IT systems."

Federal law enforcement agencies were informed of the likely cyberattack, the company said. A senior threat analyst at the cybersecurity firm Recorded Future told the AP that the attack may have used a ransomware group called "DarkSide."

Colonial Pipeline is the primary source of gasoline, diesel and jet fuel for the entire East Coast, with a capacity of 2.5 million barrels per day traveling anywhere between Texas and North Carolina.

Start your unlimited Newsweek trial

Should Colonial Pipeline have paid a ransom to DarkSide hackers? .
The company's nearly $5 million ransom payment to hackers defies the conventional wisdom that companies shouldn't give in to cybercriminals' demands.In a ransomware attack, criminals encrypt a company’s data and demand an extortion payment in exchange for a special key that will restore the company’s access to its files. Colonial Pipeline’s decision to pay the hackers flies in the face of most official recommendations. US policy—and the standing advice of many other national governments and intelligence agencies—is clear: Companies should not pay ransoms to hackers.

usr: 5
This is interesting!