Colonial Pipeline was the target of a ransomware attack that forced it to shut down operations.
Getty ImagesColonial Pipeline, which shut down after a ransomware attack last week, has resumed deliveries to all its markets, a move that will likely relieve concerns of a gas shortage along the East Coast. Those fears prompted hoarding and panic buying that exacerbated the problem, even as state and federal officials warned against such action.
The major petroleum pipeline had been closed since last Friday, when a ransomware infection was found on its computer systems. The shutdown affected the supply of gas in parts of the East Coast, with some people waiting an hour or more at filling stations or not finding gas at all.
"Colonial Pipeline can now report that we have restarted our entire pipeline system and that product delivery has commenced to all markets we serve," the company tweeted on Thursday afternoon. Still, the company cautioned that some markets may continue to experience interruptions and that it would take several days until the "product delivery supply chain" returned to normal.
The ransomware infection at Colonial highlighted the vulnerability of the country's critical infrastructure, which has been the target of an increasing number of cyberattacks. Cities, schools and hospitals have all been hit by cybercriminals, who scramble a victim's computers and then extort a payment to decrypt them.
On Wednesday, President Joe Biden issued an executive order aimed at strengthening US cybersecurity. The wide-ranging action includes the creation of a Cyber Safety Review Board that will convene after major incidents. Members of the Defense and Justice departments, several security agencies and private sector specialists will be on the board.
The FBI blamed the attack on a group called Darkside, which is believed to be based in Russia. On Thursday, Biden told a briefing the FBI doesn't believe the Russian government itself was involved in the attack.
Here's what you need to know about the hack:
What happened?
Colonial Pipeline was hit with a ransomware attack. Bloomberg reported the hackers began their attack last Thursday by stealing about 100 gigabytes of data in a double extortion scheme that holds the data hostage and threatens to leak it. The company shut some of its operations to prevent the malicious software from spreading.
Read more: No gas shortage: Stop panicking, and what not to do
What's a ransomware attack?
Hackers use ransomware -- a type of malware -- to scramble a company's computer data and hold it hostage until a ransom is paid. In a double extortion scheme, the attackers pilfer the data and threaten to publish it.
On Thursday, Bloomberg reported that Colonial paid nearly $5 million in ransom for software to decrypt its computers. The report contradicted an earlier story by The Washington Post that the company was restoring its data from backups and didn't plan to pay the hackers. Bloomberg reported the software tool, which was paid for with an unspecified cryptocurrency, was slow so Colonial continued restoring its system from backups.
During his briefing, Biden declined to answer a question as to whether he had been briefed on Colonial allegedly paying the ransom.
Colonial didn't respond to a request for comment.
How did Colonial respond to the attack?
The company, which operates pipelines for gasoline, jet fuel and other refined petroleum products, halted pipeline operations after discovering the hack. Colonial said it "we proactively took certain systems offline to contain the threat, which temporarily halted all pipeline operations, and affected some of our IT systems."
Colonial services seven airports and operates in 14 states. Its system is the biggest in the US, the company says, covering more than 5,500 miles and carrying more than 100 million gallons of fuel per day. A legend on company's tanks that are featured on its website reads "America's Energy Lifeline."
Who's behind the attack?
The FBI blamed Darkside, a hacking group, for the attack. The law enforcement agency said it was notified of the hack on May 7 and is investigating alongside the company and other government agencies.
Cybereason, a security company based in Boston, wrote that Darkside focuses on targets in English-speaking countries and avoids operations in former Soviet bloc countries. It sells its ransomware, a model known as ransomware as a service, and maintains a help desk for negotiations with victims, Cybereason said.
How prevalent are ransomware attacks?
Unfortunately, they're pretty common. City governments around the country, including Baltimore's and Atlanta's, have been slammed by ransomware attacks. Hospitals have been shut down. (In one case, a patient died because she had to be taken to a hospital nearly 20 miles away from her initial destination, which was dealing with a cyberattack.)
Often, the victims pay to recover their data. Two cities in Florida -- Lake City and Riviera Beach -- together paid more than $1 million to unfreeze their systems. The cities paid in Bitcoin, a popular cryptocurrency.
The Cybersecurity and Infrastructure Security Agency and the Department of Energy are working with industry on guidelines to secure critical infrastructure, the White House said, sharing details on the attack that hit Colonial Pipeline and providing recommendations to reduce the likelihood of future incidents. The Biden administration added that it's helping private sector companies improve their cybersecurity through the Industrial Control Systems Cybersecurity initiative.
What's been going on with concerns about a gas shortage?
A Department of Transportation agency posted a regional emergency declaration for 18 states and Washington, DC, "in response to the unanticipated shutdown of the Colonial pipeline system due to network issues that affect the supply of gasoline, diesel, jet fuel, and other refined petroleum products throughout the Affected States." The declaration is designed to keep the fuel supply on the East Coast flowing.
North Carolina, South Carolina and Virginia also declared states of emergency.
Concerns over a gas shortage helped push GasBuddy, a price comparison app, to the top of Apple's App Store, according to App Annie.
So I shouldn't hoard gas?
Officials say there's no need to stock up on gasoline because the pipeline is expected to be back near normal at the end of the week.
Energy Secretary Jennifer Granholm acknowledged that some states might experience a supply crunch but said there was no need to rush to the pumps. "We know that we have gasoline," she said, according to US News and World Report. "We just have to get it to the right places."
South Carolina Gov. Henry McMaster tweeted a similar message to his state's citizens. "There is no need to rush to top off your gas tanks or hoard gas," McMaster wrote, "the pipeline is expected to resume operations by the end of the week."
There is no need to rush to top off your gas tanks or hoard gas - the pipeline is expected to resume operations by the end of the week.
— Gov. Henry McMaster (@henrymcmaster) May 11, 2021
In its Tuesday statement, Colonial said it's working with the Department of Energy and prioritizing "markets experiencing supply constraints and/or not serviced by other fuel delivery systems."
What about gas prices?
On Thursday, the average price per gallon of gas in the US jumped to nearly $3.03, up more than 7 cents from the previous week, according to GasBuddy, a pricing app. A GasBuddy analyst told MarketWatch that the rise reflected the reopening of the US economy though it may have been accelerated by the pipeline shutdown.
Watch this: Will you recognize the gas station of the future?
9:35
Correction, May 13, 8:44 a.m. PT: Fixes spelling of Cybereason.
Article From & Read More ( Pipeline hack: Is the gas shortage over now that Colonial is back up? - CNET )https://ift.tt/3hy1zV8
Business
Bagikan Berita Ini
0 Response to "Pipeline hack: Is the gas shortage over now that Colonial is back up? - CNET"
Post a Comment