colonial pipeline

Americans guzzle gasoline. In 2020, Americans used 337 million gallons of finished motor gasoline every day. This makes the country dependent on its pipelines and open to attack. In May 2021, hackers attacked the Colonial Pipeline. The line was shut down for several days, triggering shortages across the country. To understand the enormity of this event, you need to answer several questions. What exactly happened, and who was responsible? What is the government doing in response, and what should you do to protect your business?

Knowing the facts can help keep you safe from cyberattacks and fuel shortages. Here is your quick guide.

What Happened to the Colonial Pipeline?

The Colonial Pipeline is a pipeline that runs from the Gulf Coast up the Eastern Seaboard into New Jersey. It transports 45 percent of the East Coast’s diesel and petrol. The Colonial Pipeline Company operates it.

On May 7, the Colonial Pipeline Company experienced a cyberattack. Hackers stole nearly 100 gigabytes of company data and held it for ransom. In response, the company shut down the pipeline. This was done as a precaution to protect the pipeline itself from attacks. Subsequently, the shutdown had widespread effects. Gas prices as many gas stations in the Southeast United States ran out of their supplies.

On May 9, President Biden declared a state of emergency. His declaration allowed drivers to transport fuel into states that were lacking it.

Have Normal Operations Resumed?

The Colonial Pipeline Company restarted operations on May 12. By May 15, all of their systems returned to normal capacity. The company has confirmed that they paid the hackers more than four million dollars in ransom. The hackers have not released any stolen data, so the immediate threat of the hacking shutdown seems to be over.

On May 18, the communication system for the pipeline crashed. The pipeline itself continued to operate, but shippers became unable to plan their shipments. The company claims that the crash did not come from any ransomware or infection.

Who Caused the Shutdown?

On May 9, a Russian group named DarkSide claimed responsibility for the attack. They stated that they performed it for money, not to hurt the United States. The group specializes in ransomware. This is a type of malware that encrypts a computer system, preventing the victim from accessing files. The victim must pay money to someone, usually in the form of cryptocurrency. In exchange, the hacker claims they will release the computer back to them.

DarkSide has performed cyberattacks on dozens of institutions, including hospitals. They have received tens of millions of dollars in ransom fees.

In the wake of the Colonial Pipeline attack, the group has encountered setbacks. The wallet they use to accept cryptocurrency was found and shut down. Some DarkSide servers have also been found and disabled. After that, some people claiming to be members of the group have posted on Internet forums. They say that DarkSide is stopping its operations. However, it is too early to tell if this is the case, but it is possible.

How Is the United States Responding?

American intelligence professionals are investigating if DarkSide has any ties to the Russian government. President Biden has promised to have talks with Vladimir Putin about the shutdown.

On May 12, the President issued an executive order regarding cybersecurity. The order promises to enlist the federal government into stronger security efforts. The government will share threat information with IT service providers as well as update its own cybersecurity plans.

Many Americans have engaged in panic buying in response to the shutdown. Government officials like Energy Secretary Jennifer Granholm have advised against this. Panic buying can drive prices up while keeping essential supplies down.

What Preventive Measures Can Companies Take?

There are several lessons that companies can learn from the Colonial Pipeline cyber attack.

Everyone must value the importance of cybersecurity. Never open emails or download documents from an unfamiliar address. Bear in mind that a hacker may be impersonating someone you know. Contact that person to see if they sent you something. Keep access to important files limited to people you trust. Create multiple copies of these files, and store at least one copy off-site. Keep your network safe with firewalls and antivirus tools. Run regular scans of your systems to make sure no malware is on them.

As companies return to their offices, they may encounter security problems because their systems were inactive. Have an IT professional come in and do an audit of your computer technology. If you encounter ransomware, do not panic. Do not pay the hacker off, even if they ask for a small fee. Go to an IT professional and get help from them.

If you are in the oil and gas industry, buy additional vehicles. When another shutdown happens, you can use your vehicles to transfer remaining supplies to areas that don’t have them. Whatever industry you are in, buy energy-efficient vehicles. The less fuel you use, the less your business is hurt when a pipeline shuts down. Adjust your shipping operations so you can get goods out faster.

Supply Your Business

In conclusion, we need to learn from the Colonial Pipeline attack. Russian hackers attacked the Colonial Pipeline Company, holding their files for ransom. The company shut their pipeline down, causing fuel outages.

The pipeline is up and running. The group responsible for the attack, DarkSide, may be defunct. But the government and private businesses must take drastic measures to prevent another attack. Above all, they must improve their cybersecurity and protect Internet servers.