Millions of Americans could be paying more at the pump because hackers in Eastern Europe allegedly idled a massive U.S. pipeline company.
Colonial Pipeline, which operates a 5,500-mile pipeline stretching from Texas to the Northeast, has so far not indicated when the flow of oil will resume. The pipeline was shut down on Friday.
“This could be the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe,” Andrew Rubin, CEO and co-founder of Illumio, a cybersecurity company, told NBC News.
“It’s an absolute nightmare, and it’s a recurring nightmare,” he said. “Organizations continue to rely and invest entirely on detection, as if they can stop all breaches from happening. But this approach misses attacks over and over again. Before the next inevitable breach, the president and Congress need to take action on our broken security model.”
Colonial Pipeline will only “bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” the company said in a statement, according to Politico.
With the pipeline that meets about half of the East Coast’s transportation fuel needs sidelined, prices for wholesale gasoline in the futures market rose up to 4 percent Sunday evening, hitting levels unseen since 2018 at nearly $2.22 per gallon.
“Even a temporary shutdown will likely drive already rising national retail gas prices over $3 per gallon for the first time since 2014,” Jay Hatfield, chief executive of Infrastructure Capital Management and an investor in natural gas and oil pipelines and storage, told The New York Times.
Motorists are not the only ones threatened. Airports in Nashville, Tennessee; Baltimore; and Charlotte, North Carolina could face fuel shortages if the line remains closed through the end of the week.
The line is shut down because Colonial was a victim of a ransomware attack, the company said. Ransomware attacks take place when an outside group holds all the data of a target hostage until it gets paid.
Although Colonial has been sparing with the details, it said it shut the pipeline as a precaution in case the ransomware group attacks vulnerable sections of the more-than-50-year-old pipeline, according to The Times.
Ransomware is not publicized all that often, but is growing in frequency.
“We’ve seen ransomware start hitting soft targets like hospitals and municipalities, where losing access has real-world consequences and makes victims more likely to pay,” Ulf Lindqvist, a director at SRI International who specializes in threats to industrial systems, told The Times. “We are talking about the risk of injury or death, not just losing your email.”
The group believed to have been responsible for carrying out the attack is known as DarkSide and is located in Eastern Europe, according to The Washington Post. In its reporting, CNN framed the group as a criminal gang based in Russia.
Federal officials are involved, as well as the tech company FireEye, The Post reported.
“We are engaged with the company and our interagency partners regarding the situation,” Eric Goldstein, executive assistant director of the cybersecurity division at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, told The Post. “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”
DarkSide hit two Brazilian energy companies in February, Allan Liska, intelligence analyst at the cyber threat research firm Recorded Future, told the outlet.
Increased vulnerabilities are leading to increased attacks.
“To put it simply, we are on the cusp of a global digital pandemic driven by greed,” former top DHS cyber official Christopher Krebs told Congress last week, referring to the situation as a “digital dumpster fire.”
This article appeared originally on The Western Journal.
