Join our daily newsletter At The Bell to receive exclusive market insights
- Top U.S. fuel pipeline operator Colonial Pipeline has been forced to shut its entire network following a cyber attack on Friday
- Both Georgia-based Colonial and the U.S. government have blamed ransomware for the outage, pointing the finger at cybercriminal gangs
- No exact group has yet been identified, but an organisation known as “DarkSide” is among the suspects
- The severity of damage in the Colonial case depends on whether the ransomware made its way into the company’s network of operational technology
- The U.S. government is working with Colonial to ensure a speedy recovery, while also scrambling to avoid more severe fuel supply disruptions
- Any prolonged outage would require tankers to transport fuel from the U.S. Gulf Coast to East Coast ports
Top U.S. fuel pipeline operator Colonial Pipeline has been forced to shut its entire network — the source of nearly half the country’s East Coast fuel supply — following a cyber attack on Friday.
The attack is one of the most disruptive digital ransom operations ever reported and exposed the vulnerability of energy infrastructure to hackers, prompting calls from lawmakers to strengthen protections.
U.S. Commerce Secretary Gina Raimondo said the pipeline fix was a top priority for the Biden administration, which is working to avoid further disruptions by helping Colonial quickly restore the network that stretches more than 8850 kilometres from Texas to New Jersey.
Colonial said yesterday that its main fuel lines remain suspended, although some smaller ones between terminals are now operational. The timeline for a full restart, however, remains unknown.
Who is behind the attack?
Both Georgia-based Colonial and the U.S. Government have blamed ransomware for the outage, pointing the finger at cybercriminal gangs who routinely hold data and computer networks hostage in exchange for digital currency payments.
While the exact group is yet to be identified, a former U.S. official and three industry sources told Reuters that an organisation known as “DarkSide” — a new but professional group of criminals thought to be operating out of the former Soviet republics — was among the suspects.
DarkSide is one of several ransomware gangs that extort victims by gaining access to private networks, encrypting files and stealing data. They demand payment to decrypt these files and often ask for additional money not to publish stolen content.
What’s the damage?
Ransomware is capable of dealing catastrophic damage to an organisation’s network by locking away data and even destroying computers beyond repair. However, the impact on physical hardware varies.
In 2012, a cyber attack on Saudi Aramco crippled the oil giant’s computer network but left production largely unscathed. On the other hand, a more recent ransomware incident at Norsk Hydro temporarily caused the Oslo-based aluminium maker to drift away from automated production at its smelters.
The severity of damage in the Colonial case depends on whether the ransomware made its way into the company’s network of operational technology, which communicates with the pipeline itself.
Colonial has not offered any information regarding the extent of the intrusion, but Robert M. Lee, chief executive of cybersecurity firm Dragos, said he believed the company’s network was shut down proactively “to make sure that nothing spread into those systems.”
He said the decision would hopefully translate to “a temporary outage versus something that would be more sustained.”
The network ships more than 2.5 million barrels per day of gasoline, diesel and jet fuel from the Gulf Coast to populous southeast and northeast states — roughly 45 per cent of all fuel consumed on the East Coast — and provides refined products to more than 50 million Americans.
Another fuel pipeline serving the same regions carries a third of what Colonial does and any prolonged outage would require tankers to transport fuel from the U.S. Gulf Coast to East Coast ports.
That said, the number of fuel truck drivers for some of the primary transportation companies are thought to be down by 25 per cent due to COVID-19 infections.
What happens now?
The U.S. Government is working with Colonial to ensure a speedy recovery, while also scrambling to avoid more severe fuel supply disruptions.
Colonial’s pipeline serves a number of major airports, including Atlanta’s Hartsfield Jackson Airport — the world’s busiest by passenger traffic.
“A one-to-two-day outage is really a minor inconvenience,” said Andrew Lipow, president of Lipow Oil Associates.
But by day four or five, he added, “we could see a much greater widespread impact through large areas throughout the mid-Atlantic and the southeast.”
U.S. Senator Bill Cassidy, a Republican from Louisiana who sits on the Energy Committee, said lawmakers are prepared to work more with privately-held critical infrastructure companies to guard against cyberattacks.
“The implication for this, for our national security, cannot be overstated,” he said in an interview with NBC.
“And I promise you, this is something that Republicans and Democrats can work together on.”
Will fuel supplies hold up?
Florida, Georgia, Alabama, South Carolina, North Carolina, and Tennessee rely on Colonial’s pipeline for the majority of their fuel supplies, and suffered local shortages and higher prices during previous shutdowns.
Adding to the potential problem is a rise in demand, as more and more Americans receive vaccinations for COVID-19 and begin to travel more. Typically, a peak is seen at the end of May in conjunction with the start of the North American summer.
Patrick DeHaan, head of petroleum analysis at fuel tracking firm GasBuddy, said drivers should avoid panic buying.
“Rushing out and filling your tank will make the problem much much more acute and likely double or triple the length of any supply event, if it comes to that,” he said.
Ernie Barsamian, chief executive of U.S. terminal storage clearinghouse The Tank Tiger, said there will likely be price increases at fuel distribution points at several locations. Those distribution centres are particularly in Wilmington in North Carolina, Charleston in South Carolina and Savannah in Georgia.
Most of the terminals along Colonial Pipeline’s route should have at least 10 days worth of supply, but since prices to sell now are higher than those for later, companies have not been incentivised to store fuel and some terminals could be running leaner, Barsamian added.
