A huge cyberattack that has taken four key fuel pipelines in the US offline has prompted emergency steps by the US government, amid warnings that the key infrastructure could be offline until the end of the week or beyond. The hack of Colonial Pipeline on May 7 saw ransomware installed on the company’s systems, with the FBI already pinpointing DarkSide as responsible for the unexpected shutdown.
“The FBI confirms that the Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks,” the Federal Bureau of Investigation said in a statement. “We continue to work with the company and our government partners on the investigation.”
Ransomware typically infects a system, encrypts key data, and then – as the name implies – demands money in return for unlocking it again. Colonial Pipeline indicated that taking the pipelines offline was a proactive step once the malware was identified. However, turning those systems back on takes time.
“Colonial Pipeline continues to dedicate vast resources to restoring pipeline operations quickly and safely,” the company said in a statement today. “Segments of our pipeline are being brought back online in a stepwise fashion, in compliance with relevant federal regulations and in close consultation with the Department of Energy, which is leading and coordinating the Federal Government’s response.”
The US Department of Transportation said on Sunday that it was temporarily lifting limits on shift caps for truckers involved in moving gasoline and other fuels. The step, by its Federal Motor Carrier Safety Administration (FMCSA), will mean drivers can effectively work longer periods as long as they’re involved in getting fuel resources throughout key Eastern, Southern, and Western US states.
“FMCSA is issuing a temporary hours of service exemption that applies to those transporting gasoline, diesel, jet fuel and other refined petroleum products,” the FMCSA said, “to Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.”
Still, even with those mitigating efforts, the potential implications of the hack could be significant. Experts are already warning that fuel prices could rise as a result of the hampered distribution, even if outright shortages are minimized.
“While this situation remains fluid and continues to evolve, the Colonial operations team is executing a plan that involves an incremental process that will facilitate a return to service in a phased approach,” the pipeline operator said today. “This plan is based on a number of factors with safety and compliance driving our operational decisions, and the goal of substantially restoring operational service by the end of the week. The Company will provide updates as restoration efforts progress.”
Early reports had linked DarkSide, the hacking group responsible for the eponymous ransomware tool, with potential Russian cybercrime operations. However, in a statement published to the group’s site, CNBC reports, it apparently sought to distance itself from such suggestions.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives,” the group’s statement argued. “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
Colonial Pipeline is responsible for the largest fuel pipeline in the US. Its system covers more than 5,500 miles between Houston, Texas and Linden, New Jersey, the company says, transporting not only gasoline and diesel but also jet fuel, home heating oil, and fuel for the U.S. Military. Normally, it would carry more than 100 million gallons each day, or approximately 45 percent of all fuel consumed on the East Coast of the US.