The largest gasoline pipeline on the East Coast, and the US in general, was shut down on Friday after its operator struggled to contain a cyberattack which threatened its systems. The 5,500-mile Colonial Pipeline, which is the single largest refined-products pipeline in the United States, halted transit as the company was forced to take “certain systems offline to contain the threat, which has temporarily halted all pipeline operations,” according to The Wall Street Journal on Saturday. It’s reportedly still offline into early Saturday.
Colonial’s network is responsible for supplying fuel that originates with refiners on the Gulf Coast to most of the eastern and southern US, accounting for over 2.5 million barrels per day in gasoline, diesel, and jet fuel, or other refined products transferred, making up 45% of all the East Coast’s fuel supply. It spans from Texas through southern states and up to New Jersey.
“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the Alpharetta, Georgia-based company stated. “This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers.”
The disruption earlier in the day Friday saw Gulf Coast cash prices for gasoline and diesel push lower, though longer-term price effects will depend on just how long the lines remain shut. If the closure persists further into the weekend or even early next week, it’s very likely to send gasoline prices soaring.
The last time there was a significant shutdown of Colonial’s lines was during Hurricane Harvey in 2017, which shot spot Gulf Coast gasoline prices to a five-year high and diesel to near a four-year high.
This fresh cyberattack against vital American infrastructure has reportedly already seen federal agencies and law enforcement get involved, alongside a third-party cybersecurity firm brought in by Colonial to launch an investigation. Some of the early details of the investigation suggest a ransomware attack, which is being reported as follows:
The Washington Post reported that ransomware was used in the attack, citing two U.S. officials it didn’t identify. It wasn’t clear if the attack was carried out by foreign government hackers or a criminal group, the officials told the Post. In ransomware attacks, hackers typically encrypt an organization’s computer files and then demand a ransom payment to unlock the data. Read more…