Colonial Pipelines, one of the largest fuel pipelines in the US, has paused operations due to a cyberattack. The company is responsible for carrying approximately 45% of the gasoline consumed on the East Coast.
Colonial Pipelines Struck by Ransomware
According to a report by The Wall Street Journal, Colonial Pipelines fell prey to a ransomware attack. A ransomware attack is one that locks user data and demands payment to unlock it.
In this case too, hackers have encrypted Colonial Pipelines' data that will be decrypted upon payment of the ransom. So far, the cyberattack doesn't involve hackers taking over operational control of the company's systems.
In a press release on the Colonial Pipelines website, the company said that it has hired a third-party cybersecurity firm to investigate the matter. In addition to this, Colonial Pipelines has halted all pipeline operations and taken some systems offline.
The company has also been in touch with law enforcement and federal agencies so that it can resume operations as soon as possible.
As of now, Colonial Pipelines' focus is on restoring its services as soon as possible:
Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.
Who Are the Hackers Behind This?
Initial speculations led many people to believe that a foreign government may be responsible for the cyberattack.
But according to Bloomberg, members of a cybercrime group called DarkSide are responsible for the cyberattack on Colonial Pipelines. The group is notorious for its "double-extortion" schemes and the US pipeline has fallen victim to it as well.
The hackers have encrypted the data inside Colonial Pipelines' network. But, additionally, they have also managed to steal nearly 100 GB of data that will be leaked online unless the company pays the ransom.
Right now, it isn't clear how much money the hackers are demanding and whether Colonial Pipelines plans to pay the ransom. Usually in these cases, companies pay the ransom as some of it is covered by their insurers.
The entire matter has been elevated and President Joe Biden has been briefed about it as well.
The Rise in Ransomware Attacks
Ransomware attacks have increased sharply during the past few months. This may be attributed to the increasing amount of time people spend on their computers due to the pandemic.
But when big companies fall victim to one, it could potentially jeopardize the lives of countless people. In the case of Colonial Pipelines, if hackers managed to gain control over operational aspects of the company, it is not difficult to imagine the damage it could cause.