Colonial Pipeline Halts All Operations After A Cyberattack

On Friday, Colonial Pipeline, the largest U.S. refined fuel pipeline operator, shut down its entire network because of a cyberattack. In a statement late Friday, the company claimed that a hacker had targeted it in a ransomware attack.

Here’s a diagram of the massive Colonial Pipeline system that just got shut down by a ransomware attack.

It serves ~50 million people.

Pic: WSOC pic.twitter.com/TIq2DYSXgD

Subscribe to our free weekly newsletter!

A week of political news in your in-box.
We find the news you need to know, so you don't have to.

— John Scott-Railton (@jsrailton) May 8, 2021

After suffering a major pipeline leak in late February, the company reported that after the attack on Friday, it would temporarily halt all operations.

The company released a statement late Friday night detailing its plans for resuming operations. “On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack. We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our I.T. systems. Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have launched an investigation into the nature and scope of this incident, which is ongoing. We have contacted law enforcement and other federal agencies.”

The press release continues, “Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”

In an overnight statement, Colonial Pipeline confirms it’s a cyberattack. https://t.co/shqXrfhM0q pic.twitter.com/CGdbOsCelb

— Zack Whittaker (@zackwhittaker) May 8, 2021

Colonial Pipeline said on Friday that the compromised databases within its I.T. system had been shut down. It made the announcement about the “precautionary” measures late Friday.

Ransomware is malicious software designed to lock down systems by encrypting data and demanding payment to regain access.

Colonial Pipeline transports 2.5 million barrels of gasoline, jet fuel, diesel and other refined products through 8,850km (5,500 miles) of pipelines per day.

Colonial Pipeline also transports 45 percent of the entire east coast fuel supply.

Experts said that the attack is not likely to impact the U.S. gasoline supplies and prices unless it leads to a prolonged shutdown.

We are aware of the Colonial Pipeline ransomware incident. We are engaged with Colonial and our interagency partners regarding the situation. (1/3) pic.twitter.com/8YV7qEHfnc

— Cybersecurity and Infrastructure Security Agency (@CISAgov) May 8, 2021