/Ransomware cyberattack shuts down major US pipeline, company says – ABC News

Ransomware cyberattack shuts down major US pipeline, company says – ABC News


Colonial Pipeline was targeted with a cyberattack Friday night.

A cyberattack has forced the shutdown of a major gas pipeline in the U.S. that supplies 45% of all fuel consumed on the East Coast.

The cyberattack against Colonial Pipeline, which runs from Houston to Linden, New Jersey, began 7 p.m. on Friday night, according to a Federal Emergency Management Agency report reviewed by ABC News.

“We proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems,” the company said in a statement.

Colonial Pipeline said in an update Saturday the attack involved ransomware.

Colonial’s network supplies fuel from U.S. refiners on the Gulf Coast to the eastern and southern U.S. and transports 2.5 million barrels a day of gasoline, diesel, jet fuel and other products through 5,500 miles of pipelines, the company said.

It’s not clear how long the pipelines would be shut down. The shutdown will affect other pipeline operations such as the Buckeye and Twin Oaks Pipeline, which runs through the New York City-Long Island area and Maine, FEMA said.

The company, based in Alpharetta, Georgia, said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies.

“Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline,” the company said.

President Joe Biden has been briefed on the situation, according to a White House spokesperson.

“The federal government is working actively to assess the implications of this incident, avoid disruption to supply, and help the company restore pipeline operations as quickly as possible,” the spokesperson said.

The official said the administration is proactively reaching out across the sector to ensure that they have protections in place that can detect similar attacks.

The FBI said it is working with Colonial Pipeline on the ransomware attack.

“FBI was notified of a network disruption at Colonial Pipeline on May 7, 2021 and is working closely with the company and government partners,” the FBI said. “We have nothing additional to share at this time.”

The Cybersecurity and Infrastructure Security Agency released a statement saying they are “engaged” with the company.

“We are engaged with the company and our interagency partners regarding the situation,” Eric Goldstein, CISA’s executive assistant director of the Cybersecurity Division said. “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

Department of Homeland Security Secretary Alejandro Mayorkas spoke about the dangers of ransomware earlier this week given the recent spate of ransomware attacks, including the hack of the Washington, D.C., Metropolitan Police Department and the Illinois Attorney General’s Office.

ABC News’ Josh Margolin, Molly Nagle and Luke Barr contributed to this report

Original Source