The operative of the country’s largest fuel pipeline, Colonial Pipeline, fell victim to a cybersecurity attack on Friday that convoluted ransomware, forcing it to temporarily shut down all pipeline operations, the company said in a statement on Saturday.
The firm has let out a third-party cybersecurity firm to launch a probe into the incident and has contacted law enforcement and other federal agencies. The cyberattack has simulated some of its IT systems too.
Colonial Pipeline, which transports nearly half of the East Coast’s fuel supply, asserted it is “taking steps to understand and resolve this issue.”
“At this time, our primary focus is the safe and efficient restoration of our waiting and our efforts to return to normal operation,” the company said in a statement.
“This process is already underway, and we are working diligently to sermon this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline,” the company said.
Colonial manipulates the largest refined products pipeline in the U.S., transporting 100 million gallons or 2.5 million barrels per day, according to its website. Gracious products include gas, diesel, home heating oil and jet fuel. The pipeline also supplies the U.S. military.
Colonial’s system stretch overs over 5,500 miles between Texas and New Jersey, connecting refineries on the Gulf Coast to more than 50 million people in the southern and eastern U.S., according to the firm.
The Federal Energy Regulatory Commission, which oversees interstate pipelines, said it is aware of the cyberattack and is monitoring the setting.
“We are aware of what appears to have been a serious cyberattack on the Colonial Pipeline system,” Chairman Richard Glick swayed in a statement to CNBC. “FERC is in communication with other federal agencies, and we are working closely with them to guard developments.”
President Joe Biden was also briefed on the incident Saturday morning, according to a White House spokesperson.
“The federal administration is working actively to assess the implications of this incident, avoid disruption to supply, and help the company restore tube operations as quickly as possible,” the spokesperson said.
The Biden administration in April announced a 100-day plan to care for the country’s electric system supply chain from cyberattacks amid growing concerns over how vulnerable the U.S. power cater to is to cyber threats.
A U.S. Department of Energy spokesperson said the department is coordinating with Colonial Pipeline, the energy sector, asserts and interagency partners to support response efforts.
“DOE is also working closely with the energy sector coordinating synods and the energy information sharing and analysis centers, and is monitoring any potential impacts to energy supply,” the spokesperson told CNBC.
Andy Lipow, president of Texas-based Lipow Oil Associates, said an outage that continue one to two days would cause some minor inconveniences and that more widespread impact would occur after four to five ages of shutdown.
There could be potential sporadic outages as well if a specific terminal was relying on a delivery today or tomorrow and that is now put, Lipow said.
“Unlike the February freeze or hurricane, refineries are still in operation turning crude into gasoline, jet and diesel. They proper can’t get it to the terminals,” Lipow said. “An extended colonial pipeline outage will force refiners to reduce their acting rates as inventory in the refinery fills up.”
“While they may not be able to ship it to Colonial, the refineries will certainly be gifted to continue shipping to the Midwest markets,” Lipow said.
John Kilduff, a partner at Again Capital in New York, communicated the U.S. will see spot shortages of gasoline, diesel and jet fuel develop rapidly if the outage persists.
“It appears that it was a ransomware attack, kind of than a state actor, but it highlights the significant software vulnerability across the industry,” Kilduff said. “If there’s is not a resumption of enterprises by tomorrow night or at least some clarity on a resumption, gasoline prices will skyrocket on the open of trading Sunday continually.”
Eric Goldstein, executive assistant director of the cybersecurity division at the Cybersecurity and Infrastructure Security Agency, said the intercession is working with Colonial Pipeline and interagency partners.
“This underscores the threat that ransomware poses to groupings regardless of size or sector,” Goldstein said.
Colonial Pipeline is privately held by five entities: CDPQ Colonial Team-mates, IFM (U.S.) Colonial Pipeline 2, KKR-Keats Pipeline Investors, Koch Capital Investments Company, and Shell Midstream Driving.