WASHINGTON – Impressed by a cyber attack, the operator of a major US fuel pipeline said it expected services to be restored by the end of the week as FBI and administration officials identified the culprits as a gang of criminal hackers.
US officials, seeking to address concerns about price increases or damaging the economy, said fuel supplies had not yet experienced widespread disruptions, and the company said on Monday that it would be “operational until the weekend” Was working towards “restoring the service”.
The Colonial Pipeline, which saves about 45% of the fuel consumed on the East Coast, halted operations after revealing a ransomware attack last week that said some of its systems were affected.
However, the attack underscored the weaknesses of the nation’s energy sector and other important industries, whose infrastructure is largely privately owned. Ransomware attacks are typically carried out by criminal hackers who cut data, paralyze victim networks, and demand large payments to decrypt it.
The threat of the colonial attack was a powerful reminder of the real-world implications. Even as the Biden administration works to counter organized hacking campaigns sponsored by foreign governments, it must still grapple with hard-to-defend attacks from cybercriminals.
“We need to invest to protect our critical infrastructure,” Biden said on Monday. Energy Secretary Jennifer Granholm said the attack “tells you how vulnerable we are to a cyber attack on America’s infrastructure”.
The attack occurred as the administration, still reeling from the response to large-scale violations by Russia of federal agencies and private corporations, acted on an executive order aimed at reducing the security of cybersecurity. The Department of Justice, meanwhile, has formed a ransomware task force designed for situations such as the Colonial Pipeline, and on 20 April the Department of Energy announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. . Similar actions are taken for other important industries, such as water and natural gas.
Despite this, the challenge before the government and the private sector is enormous.
In this case, the FBI publicly blamed the convict on Monday, saying that the ransomware used in the attack was named Darkside. Members of the group are Russian-speaking, and the syndicate’s malware is coded to not attack the network using Russian-language keyboards.
White House Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger said in a briefing that the group has been on the FBI’s radar for months. He said its business model was to demand ransom payments from the victims and then split the proceeds with ransomware developers, which he said was “a new and very disturbing version.”
He declined to say whether the colonial pipeline paid any ransom, and the company gave no indication of that one way or the other. Although the FBI has historically discouraged paying victims out of fear of fostering additional attacks, they acknowledged the “very difficult” situation that victims face and said the administration was “in the area” There is a need to think carefully about how best to stop ransomware.
“Given the increase in ransomware, this is an area we are certainly looking at now to say, ‘What should be the approach for the government to pay ransomware actors and ransom overall?”
Speaking later in the day at a conference on national security, Neuberger said the administration is committed to leveraging the government’s enormous buying power to ensure that software makers make their products less vulnerable to hackers.
“Safety cannot be considered,” Neuberger said. “We don’t buy a car and only then decide that we want to pay for seatbelt and airbags.”
The US last month approved the Kremlin for a hack of federal government agencies known as Solarwind Breach, with officials linked to a Russian intelligence unit and characterized as an intelligence-gathering operation.
In this case, however, hackers are not known to act at the behest of any foreign government. The group posted a statement on its Dark Web site stating itself as apolitical. “Our goal is to make money, and not create problems for society,” Darkside said.
Asked on Monday whether Russia was involved, Biden said, “I am going to have a meeting with President (Vladimir) Putin, and so far there is no evidence from our intelligence people that Russia is involved, although the evidence The actor is in Ransomware, Russia.
“They have some responsibility to deal with it,” he said.
US officials, especially given the important role of the colonial pipeline in the transportation of gasoline, jet fuel, diesel, and other petroleum products between Texas and the East Coast, have concerns about a sluggish economic impact and the possibility of fuel supply disruptions Has demanded to face.
Colonial is in the process of reintroducing parts of its network. It said on Monday that it was evaluating product inventories in storage tanks at its facilities. Administration officials insisted that some of its systems were taken offline by the colonial to prevent the ransomware from commercial computer systems to control those pipes and operate the pipeline.
In response to the attack, the administration relaxed regulations to transport petroleum products on highways as part of an “all-hands-on-deck” effort to avoid fuel supply disruptions.
“The timing of the outage is now reaching critical levels and if it remains down, we expect East Coast Petrol and Diesel prices to rise,” said IHS Markit Executive Director Debneel Chaudhary. The last time there was a shortfall of this magnitude was in 2016, he said, when gas prices rose 15 to 20 cents per gallon. The Northeast had much higher local solvency at that time.
According to Third Bridge analysts, the pipeline uses both common and custom technology systems, which can complicate efforts to bring the entire network online.
“Cyber attacks on our critical infrastructure – especially energy infrastructure – are not going away,” said Energy Secretary Granholm.
“This is a serious example of what we are seeing in many places across the board and it shows that we need to invest in our transmission grid for power, in our system. We need to invest in cyber defense in these energy systems, ”she told Bloomberg TV.
The attack has not affected the supply of gasoline, he said, “but if it gets too long, then certainly the
Gasoline futures rose on Monday. Futures for crude oil and fuel, prices that traders pay for contracts for future delivery, usually begin to rise each year anyway according to the driving season outlook. The price you pay at the pump follows.
The average US price of regular grade gasoline has risen 6 cents to $ 3.02 per gallon in the past two weeks, $ 1.05 more than a year ago. The numbers are down slightly from a year ago, as the nation was going into lockdown due to the epidemic.
An attack on the colonial pipeline could increase upward pressure on prices if left unresolved for a period of time.
Associated Press writers Frank Bajak in Boston and Matthew Daly in Washington contributed to this report.