US EXPLAINER: What's next for pipelines after Colonial hack
Pipeline cyberattack: Regulator urges CEOs to intensify cyber defenses
Neil Chatterjee, a top federal energy regulator, is calling on energy CEOs to step up their cyber defenses following a ransomware attack that knocked one of America's most important pipelines offline. © Jim Lo Scalzo/EPA-EFE/Shutterstock Mandatory Credit: Photo by JIM LO SCALZO/EPA-EFE/Shutterstock (11895253o) An image made with a drone shows fuel tanks at a Colonial Pipeline breakout station in Woodbine, Maryland, USA, 08 May 2021. A cyberattack forced the shutdown of 5,500 miles of Colonial Pipeline's sprawling interstate system, which carries gasoline and jet fuel from Texas to New York.
WASHINGTON (AP) — The nation’s largest fuel pipeline is flowing again after the company that runs it it was hit by a gang of hackers. But long lines remain at gas stations throughout the Southeast. That's because drivers are buying more gasoline then they need, draining supplies at filling stations. Plus, there are logistical hurdles slowing fuel deliveries of fuel from the Colonial Pipeline.
The incident was one of a series of wake-up calls about the growing threat hackers pose to the nation's critical infrastructure., where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, have hit thousands of businesses and hundreds of health care centers in the U.S. in the past year.
EXPLAINER: Why the Colonial Pipeline hack matters
NEW YORK (AP) — A cyberattack on a critical U.S. pipeline is sending ripple effects across the economy, highlighting cybersecurity vulnerabilities in the nation's aging energy infrastructure. The Colonial Pipeline, which delivers about 45% of the fuel used along the Eastern seaboard, shut down Friday after a ransomware attack by gang of criminal hackers that calls itself DarkSide. Depending on how long the shutdown lasts, the incident could impact millions of consumers. © Provided by Associated Press FILE - In this Sept. 20, 2016 file photo vehicles are seen near Colonial Pipeline in Helena, Ala.
Questions remain about what steps companies or government officials should take to buttress defenses against cyberattacks.
WHEN WILL FUEL SUPPLIES GET BACK TO NORMAL?
Colonial restarted its pipeline late Wednesday, which means fuel is now running between refineries in Houston and Southeast states. But it will take a few days or weeks for everything to get back to normal.
Gas stations in the Southeast should open for business and well supplied next week, but only if the pipeline operates as planned and consumers stop hoarding fuel, said Richard Joswick, global head of oil analytics at S&P Global Platts. When the panic passes, people will have full tanks and demand will drop, but “people have to convinced that they don’t have to panic buy,” Joswick said.
Colonial Pipeline wasn't the first and won't be the last cyber pirate attack
The fact that an apparent group of cyber pirates -- a secret criminal nerd syndicate -- can take down the aorta of fuel for the East Coast should be sending shockwaves through the country. © Michael M. Santiago/Getty Images WOODBRIDGE, NEW JERSEY - MAY 10: Fuel holding tanks are seen at Colonial Pipeline's Linden Junction Tank Farm on May 10, 2021 in Woodbridge, New Jersey. We've all read this year about the pandemic threatening supply chains and about climate change causing more freak weather that threatens power grids.
There's also the matter of getting fuel from the pipeline to the pumps.
Different types of fuel — including gasoline, jet fuel and diesel — are moved through the pipeline system, and they can’t all be flowing through the same pipes at the same time. One of the main arteries from Houston to North Carolina moves different grades of gasoline, sending a batch of premium grade followed by regular, Joswick explained.
Another artery transports diesel, jet and home-heating fuel. Then there's a labyrinth of storage tanks and smaller pipelines that are loaded and unloaded with different types of fuel.
Trucks deliver fuel at different points along the way, and with a national trucker shortage, it isn’t easy for trucks to pick up all the slack.
Pipeline officials hope most service will be back by weekend
WASHINGTON (AP) — Hit by a cyberattack, the operator of a major U.S. fuel pipeline said it hopes to have services mostly restored by the end of the week as the FBI and administration officials identified the culprits as a gang of criminal hackers. U.S. officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not experienced widespread disruptions, and the company said Monday that it was working toward “substantially restoring operational service” by the weekend. © Provided by Associated Press A company that operates a major U.S.
“The supplies themselves really aren’t the issue, it's more the transportation,” said Akshaya Jha, assistant professor of economics and public policy at Carnegie Mellon University. “It’s really going to be transportation bottleneck.”
Prices for gasoline have spiked in some areas, and were already on the rise heading into the busy summer driving season, but those local price hikes are isolated and not likely to last, experts say.
WHAT HAPPENS NEXT TO COLONIAL PIPELINE?
After the dust has settled, Congress is likely to call hearings to question Colonial Pipeline executives and cybersecurity experts to help figure out what went wrong and how events like this could be prevented in the future. An outsidepractices three years ago found glaring problems.
The chairman of the Federal Energy Regulatory Commission, Richard Glick, said the government should create and enforce mandatory pipeline-security standards similar to those that have been required of the electricity sector for more than a decade.
Daily on Energy: Trump energy secretary makes case against mandating cybersecurity standards for pipelines
Subscribe today to the Washington Examiner magazine and get Washington Briefing: politics and policy stories that will keep you up to date with what's going on in Washington. SUBSCRIBE NOW: Just $1.00 an issue! © Provided by Washington Examiner DOE Header 2020 BROUILLETTE VERSUS CYBERSECURITY STANDARDS: Trump administration Energy Secretary Dan Brouillette says requiring pipelines to follow certain cybersecurity standards is not the answer to preventing future attacks like the one on the Colonial Pipeline.
And members of the House Energy Committee re-introduced bills this week aiming to strengthen the Department of Energy's ability to respond to cybersecurity threats and to encourage more coordination between the federal government and utilities.
Some might want regulators to ease permitting procedures so that more pipelines can be built, to boost reliability of supply. But there may be reluctance to facilitate building alternate pipeline routes, since President Joe Biden has made it clear that he wants to transition away from fossil fuels as quickly as possible, in favor of clean energy such as wind and solar.
“There’s going to be that tradeoff between making the permitting process easier, on the one hand, in order to get these pipelines built and then, on the other hand, should we be building these pipelines at all if we want to move away from fossil fuels?” Jha said.
When proposals are made on the state or federal level to combat cybersecurity threats, it's important to remember that one size does not fit all, said Drue Pearce, director of government affairs at Holland & Hart, and former deputy administrator of the Pipeline Hazardous Materials Safety Administration at the U.S. Department of Transportation. What fits the bigger players doesn't necessarily work for smaller ones, so it's difficult to write policies that work for everyone, she said.
Colonial Pipeline launches restart after six-day shutdown
The Colonial Pipeline launched the restart of its operations Wednesday evening following a six-day shutdown caused by a ransomware attack, but the pipeline's operators warned it will take several days for service to return to normal. © Samuel Corum/Bloomberg/Getty Images A Colonial Pipeline Co. storage tank at a facility in the Port of Baltimore in Baltimore, Maryland, U.S., on Tuesday, May 11, 2021. Fuel shortages are expanding across several U.S. states in the East Coast and South as filling stations run dry amid the unprecedented pipeline disruption caused by a criminal hack.
Pipelines and other companies that transport hazardous materials "get an incredible number of hacking attempts on a daily basis, already," Pearce said. ”You don’t know which ones are ransomware, you don’t know which one is a 13-year-old sitting at home wondering if he can break into this thing."
WHAT IS THE BIDEN ADMINISTRATION DOING?
There’s been a lot of activity in the last month aimed at strengthening the country’s cyber-defenses, most notably an executive order signed by Biden on Wednesday that would require all federal agencies to use basic cybersecurity measures and mandate new security standards for software makers that contract with the federal government.
The order also establishes a cybersecurity safety review board, creates a pilot program rating system to evaluate the security of software and establishes what officials say will be a standardized playbook for cyber responses.
The executive order is meant to fix what a senior administration official on Wednesday described as a “laissez faire” approach to cybersecurity. It is also intended to address some of the vulnerabilities exposed by recent major breaches, including the SolarWinds intrusion in which Russian hackers compromised federal agencies by targeting the software supply chain.
The Justice Department, meanwhile, has created a task force with the FBI to deal with ransomware, and the administration says it is taking steps to protect critical industries like the energy sector.
WHO WAS RESPONSIBLE FOR THE HACK AND WHERE ARE THEY?
The FBI has linked the ransomware to a Russian-speaking criminal syndicate known as DarkSide that has been on investigators’ radar for months.
Biden said Thursday said that the administration does not believe the Russian government was involved in the attack but that “we do have strong reason to believe that the criminals who did the attack are living in Russia. That’s where it came from.” He said the administration had been in touch with Moscow about the need to take action against ransomware operators.
“And we’re also going to pursue a measure to disrupt their ability to operate,” he added.
Bussewitz reported from New York.
Colonial Pipeline paid a $5M ransom – but will that only invite other malware hacks?: 'If the payments stop, the attacks will stop' .
Some cybersecurity experts, afraid Colonial Pipeline's $5M payout to hackers will trigger more malware attacks, are seeking a ban on ransom payments.The critiques stem from a decision by Colonial Pipeline, a gasoline delivery company, to pay more than $5 million for control of its computer system from a criminal syndicate known as Darkside.