The United States has declared a state of emergency after a cyber-attack shut down a large vital pipeline that transports gasoline and other fuels from Texas to the Northeast.
The Department of Transportation has declared a regional emergency, allowing drivers transporting gasoline, diesel, jet fuel, and other refined petroleum products to operate without restrictions on hours of service.
Colonial Pipeline, headquartered in Georgia, operates the pipeline and according to the firm, it delivers about 45 percent of the fuel consumed on the East Coast.
Colonial was the victim of a ransomware assault, in which hackers encrypt data, paralyze networks, and then demand a large ransom to decrypt it.
Colonial Pipeline announced on Sunday that it was actively working to restore some of its IT systems. It claims to be in touch with law enforcement and other federal departments, including the Department of Energy, which is in charge of the federal government response. The organization hasn't revealed what was asked or who made the demand.
DarkSide was named as the perpetrator by two people close to the investigation who spoke on the condition of anonymity. It's one of the ransomware gangs that have "professionalized" a criminal enterprise that has cost Western nations tens of billions of dollars in the last three years.
DarkSide says that it does not threaten hospitals, nursing homes, educational institutions, or government institutions and that a majority of its profits are donated to charity. It has been operating since August, and it is known to avoid attacking organizations in former Soviet bloc countries, as is typical of the most powerful ransomware gangs.
Colonial declined to say whether it had paid or was negotiating a ransom, and DarkSide did not respond to a media reporter's questions about the attack on its dark website. A victim's lack of acknowledgment normally means that he or she is negotiating or has already been charged.
Colonial Pipeline announced on Sunday that it is working on a "system restart" initiative. Its main pipeline is still down, but some smaller lines are now operational, according to the company. Colonial transports gasoline, diesel, jet fuel, and home heating oil from Gulf Coast refineries. Its pipeline system stretches over 5,500 miles (8,850 kilometres) and transports over 100 million gallons (380 million litres) every day.
"We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations," the company said in a statement.
Ransomware attacks are "what businesses now have to worry about," Commerce Secretary Gina Raimondo said on Sunday, adding that she would work "very vigorously" with the Department of Homeland Security to solve the issue, which she called a top priority for the administration.
"It’s an all-hands-on-deck effort right now," Raimondo said. "And we are working closely with the company, state and local officials to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply."
In the last year, cyber extortion attempts in the United States have become a death-by-a-thousand-cuts epidemic, with attacks delaying cancer care, disrupting schools, and paralyzing police and city governments.
Last year, the average ransom paid in the United States increased by nearly threefold to more than $310,000. According to Coveware, a company that assists victims of ransomware recovery, the average downtime for victims of ransomware attacks is 21 days.
Gas prices will begin to rise if the outage lasts one to three weeks, according to Debnil Chowdhury of the research firm IHSMarkit. "I wouldn’t be surprised if this ends up being an outage of that magnitude if we see a 15-to 20-cent rise in gas prices over the next week or two," he said.
The Department of Justice has established a new task force to tackle ransomware attacks.
(With inputs from India Today)