US working to help pipeline company after cyberattack

The United States government says it is helping a major pipeline operator restore service after a cyberattack involving ransomware forced its network offline.

US Commerce Secretary Gina Raimondo said on Sunday that Washington was working to avoid more severe fuel supply disruptions and to help Colonial Pipeline restart as quickly as possible.

The company runs a pipeline network that stretches more than 8,850km (5,500 miles) from Texas to New Jersey.

“It’s an all hands on deck effort right now,” Raimondo said during an interview on CBS’s Face the Nation programme.

“We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply.”

Colonial Pipeline said in a statement late on Friday that it was the victim of “a cybersecurity attack” and a day later, it confirmed media reports that ransomware was involved in the incident.

Ransomware is a type of malware that is designed to lock down systems by encrypting data and demanding payment to regain access. The malware has grown in popularity over the last five years.

“In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems,” the company said.

Colonial Pipeline transports 2.5 million barrels per day of petrol, diesel, jet fuel and other refined products across its network, and it says it transports 45 percent of the US east coast fuel supply.

Retail fuel experts including the American Automobile Association said an outage lasting several days could have significant effects on regional fuel supplies, particularly in the southeastern US.

President Joe Biden was briefed on the cyberattack on Saturday morning, the White House said, adding that the government was working to try to help the company restore operations and prevent supply disruptions.

Experts said gas prices are unlikely to be affected if normal operations resume in the next few days but that the incident should serve as a wake-up call to companies about the vulnerabilities they face.

David Kennedy, founder and senior principal security consultant at TrustedSec, said once a ransomware attack is discovered, companies have little recourse but to completely rebuild their infrastructure, or pay the ransom.

“Ransomware is absolutely out of control and one of the biggest threats we face as a nation,” Kennedy told The Associated Press news agency. “The problem we face is most companies are grossly underprepared to face these threats.”