The audacious ransomware attack that shut down a major fuel pipeline and sent Americans scrambling for gasoline in the Southeast this week was not the first time hackers have disrupted America’s aging, vulnerable energy infrastructure. And it’s unlikely to be the last.
Across the globe, cyberattackers are increasingly taking aim at the energy systems that underpin modern society. A February report from IBM found that the energy industry was the third most targeted sector for such attacks in 2020, behind only finance and manufacturing. That was up from ninth place in 2019.
“This should be a wake-up call,” said Jonathon Monken, a principal at the energy consulting firm Converge Strategies. “When you look at what’s most likely to cause disruptions to energy companies today, I think you have to put cybersecurity risks at the top.”
Despite years of warnings, America’s vast network of pipelines, electric grids and power plants remains acutely vulnerable to cyberattacks with the potential to disrupt energy supplies for millions of people. Dealing with those risks, analysts said, will pose a major challenge for the Biden administration as it seeks hundreds of billions of dollars to modernize the nation’s energy infrastructure and transition to cleaner sources of energy to address climate change.
Regulators are increasingly poised to step in. On Monday, Richard Glick, the chairman of the Federal Energy Regulatory Commission, said it was time to establish mandatory cybersecurity standards for the nation’s nearly 3 million miles of oil and gas pipelines, similar to those currently found in the electricity sector.
The risks to the nation’s energy systems are widespread and varied. Many oil and gas pipelines, for instance, rely on decades-old control systems that are not well defended against more sophisticated cyberattacks and can’t be easily updated.
And it’s not just pipelines. As electric grid operators harness a growing array of digital technologies to help manage the flow of power and cut planet-warming emissions — such as smart thermostats, or far-flung yet interconnected networks of solar arrays — hackers may find new entry points to exploit.
On Saturday, Colonial acknowledged that its corporate computer systems had been hit by a ransomware attack, in which criminal groups hold data hostage until the victim pays a ransom. The company said that it had shut down the pipeline as a precaution, apparently for fear that the hackers might have obtained information that would enable them to attack parts of the pipeline itself.
Colonial said on Wednesday that it had started to resume pipeline operations, though it would take several days to restore full service. But throughout the Southeast, panicked Americans were racing to stock up on gasoline, causing thousands of gas stations to run out of fuel.