Scores of vehicles line up to enter a gasoline station as demand for fuel surges following the cyberattack that crippled the Colonial Pipeline, in Durham, North Carolina, US, on May 12 2021. Picture: REUTERS/JONATHAN DRAKE
Scores of vehicles line up to enter a gasoline station as demand for fuel surges following the cyberattack that crippled the Colonial Pipeline, in Durham, North Carolina, US, on May 12 2021. Picture: REUTERS/JONATHAN DRAKE

New York — The US’s biggest petrol pipeline is unlikely to resume significant operations for several days due to a ransomware cyberattack that Washington on Monday blamed on a shadowy criminal network called DarkSide.

The attack on the Colonial Pipeline between Houston and New Jersey, which provides nearly half the fuel to the US East Coast, is one of the most disruptive digital ransom schemes ever reported.

The privately owned company on Monday said it was working on restarting in phases with “the goal of substantially restoring operational service by the end of the week.”

The FBI attributed the cyberattack to DarkSide, a group cyber experts say may be based in Russia or Eastern Europe. Its ransomware targets computers that do not use keyboards in the languages of former Soviet republics, they said.

But US President Joe Biden said there was no evidence so far that Russia was involved in the attack.

“So far there is no evidence based on, from our intelligence people, that Russia is involved, although there’s evidence that the actors’ ransomware is in Russia,” Biden said.

A statement in the group’s name said, “Our goal is to make money, and not creating problems for society.” Its statement did not mention Colonial Pipeline by name.

Ransomware is a type of malware designed to lock computers by encrypting data and demanding payment to regain access. It is unknown how much money the hackers are seeking, and Colonial has not commented on whether it would pay.

Anne Neuberger, deputy national security adviser for cybersecurity, told reporters that the Biden administration is not offering advice on whether Colonial should pay the ransom.

Colonial on Friday voluntarily shut its 8,900km pipeline network, which moves fuels including petrol, diesel and jet fuel, to protect its systems. The closure triggered fears of retail petrol price spikes, shortages and travel disruption.

The episode laid bare the vulnerabilities of energy infrastructure to hackers. US legislators responded with calls for stronger protections for critical energy infrastructure.

A spokesperson for UN secretary-general Antonio Guterres said the attack showed that UN member states needed to combat cybercrime to avoid “devastating impact on the world that we all live in”.

Colonial restarted some smaller lines on Sunday between fuel terminals and customer delivery points. But its main lines remained shut, and an alternative, smaller conduit owned by Kinder Morgan serving the same region reached capacity.

This has created concerns in energy markets ahead of the summer vacation season, when petrol demand and airline travel tend to peak.

Pain at the pump?

Fuel demand in the southeastern US has already picked up as consumers fear shortages. Petrol stations in states such as Georgia, North Carolina and Tennessee were seeing some abnormal buying, said Patrick de Haan, head of petroleum analysis at GasBuddy.

The American Automobile Association said the national petrol price average climbed 6c on the week to $2.96 a gallon, the highest since May 2018.

In East Atlanta, Georgia, Marcus Blash, the owner of a small trucking company, worried when he heard the news of the pipeline shutting down. His company doesn’t have any ability to store fuel on site to hedge against prices.

“We pay at the pump,” he said. “It hasn't hit us yet, but this is going to hurt big time.”

If the disruption stretches on, fuel suppliers could ship by trucks and rail instead. The department of transportation announced emergency measures on Sunday, lifting driver restrictions on fuel haulers in 17 states affected by the shutdown.

US fuel importers are also booking at least six tankers to ship gasoline from Europe to US destinations following the attack.

Total reduced petrol production on Monday at its 225,500 barrel-per-day Port Arthur, Texas, refinery because the pipeline shutdown left it without a way to ship the petrol, sources said. 

Reuters

subscribe

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.