Ransomware Attack on US Crude Oil Grid; Colonial Pipeline Shuts Key Line

Cyber criminals have attacked one of the largest fuel pipelines in the US, prompting an immediate shutdown by its operator Colonial Pipeline.

Colonial Pipeline, which carries 45 per cent of the fuel supplies for the eastern US, said in a statement that it took "certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT systems."

According to The New York Times, the pipeline is 8,850 km long and carries jet fuel and refined gasoline from the Gulf Coast to New York, transporting some 2.5 million barrels daily.

Media reports said it was a ransomware attack but the identity of the cyber attackers could not be established.

"Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation," the company said in a statement on Saturday.


No Immediate Disruption to Consumers

"This process is already underway, and we are working diligently to address this matter and to minimise disruption to our customers and those who rely on Colonial Pipeline," it added.

US-based third-party cyber security firms were engaged to probe the nature and scope of the incident.

The NYT reported that it was unlikely that the shutdown would cause immediate disruption to consumers, since most of the fuel goes into storage tanks.

The cyber attack on the fuel pipeline is a major one, coming after the SolarWinds software attack.

After launching diplomatic and financial offensives last month against Russian officials and businesses in retaliation for election meddling in the US, the Joe Biden administration also highlighted the massive SolarWinds cyber-attack by Russia-based nation-state threat actors that hit more than 250 federal agencies and several tech giants.

Since February, the Biden administration has been working to remediate the SolarWinds attack and change federal IT practices to protect against similar attacks in the future.

Several federal agencies and over 100 private sector companies, including tech giants like Intel, Cisco, VMware and Nvidia, were compromised as a result of the SolarWinds software hack, according to the White House.

Widespread Cyber-Attack

In the widespread cyber-attack, hackers also broke into the networks of NASA and the Federal Aviation Administration (FAA).

In another big cyber-attack after SolarWinds, at least 30,000 organisations across the US, including government and commercial firms, were hacked by China-based threat actors who used Microsoft's Exchange Server software to enter their networks.

The Federal Bureau of Investigation (FBI) then launched a mega operation to copy and remove malicious web shells from hundreds of vulnerable computers in the US that were running on-premises versions of Microsoft Exchange Server software used to provide enterprise-level email service.

This article was first published on May 9, 2021