The operator of the biggest gasoline pipeline in the U.S. shut down operations late Friday following a ransomware attack that threatens to roil energy markets and upend the supply of gas and diesel to the East Coast. Colonial Pipeline said in a statement Saturday that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.” It’s working to get business back to normal.
The attack appeared to use a ransomware group called DarkSide, according to Allan Liska, senior threat analyst at cybersecurity firm Recorded Future. Hacking threats to critical infrastructure have been growing, prompting the White House to respond last month with a plan to try to increase the security of utilities and their suppliers. Pipelines are a specific concern because they play a central role in so many parts of the U.S. economy.
The latest attack comes as the nation’s energy industry gears up for summer travel and stronger fuel demand as pandemic economic restrictions are eased. It’s also an unpleasant reminder of how a cyber-attack brought down the communications systems of several U.S. natural gas pipelines operators in 2018.