Colonial Pipeline said on Friday that a ransomware attack forced it to temporarily halt all pipeline operations.
United States Government Says Helping Major Pipeline Operator Restore Service After a cyberattack involving ransomware forced his network offline.
US Secretary of Commerce Gina Raimondo said on Sunday that Washington was working to avoid more serious disruptions to the fuel supply and to help the Colonial pipeline restart as quickly as possible.
The company operates a pipeline system that stretches over 8,850 km (5,500 miles) from Texas to New Jersey.
“It’s a hands-on-the-bridge effort right now,” Raimondo said in an interview on CBS’s Face the Nation show.
“We are working closely with the company, national and local authorities, to ensure that they return to normal operations as quickly as possible and that there are no disruptions in supply.”
Colonial Pipeline said in a statement Friday that it was the victim of a “cybersecurity attack” and a day later confirmed media reports that ransomware was involved in the incident.
Ransomware is a type of malware designed to lock down systems by encrypting data and demanding payment to regain access. The malware has grown in popularity over the past five years.
“In response, we proactively took some systems offline to contain the threat, which temporarily halted all pipeline operations and affected some of our IT systems,” the company said.
Colonial Pipeline transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through its system, and claims to transport 45% of the fuel supply to the US east coast.
Retail fuel experts, including the American Automobile Association, have said that a multi-day outage could have significant effects on regional fuel supplies, particularly in the southeastern United States.
President Joe Biden was briefed on the cyberattack on Saturday morning, the White House said, adding that the government was working to help the company resume operations and prevent supply disruptions.
Experts said gas prices are unlikely to be affected if normal operations resume in the coming days, but the incident should serve as a warning to companies about the vulnerabilities they face.
David Kennedy, Founder and Senior Senior Security Consultant at TrustedSec, said that once a ransomware attack is discovered, companies have little recourse but to completely rebuild their infrastructure or pay the ransom.
“Ransomware is absolutely out of control and is one of the biggest threats we face as a nation,” Kennedy told the Associated Press news agency. “The problem we face is that most businesses are not prepared to deal with these threats.”