The operator of the country’s largest fuel pipeline, Colonial Pipeline, fell victim to a cybersecurity attack on Friday that involved ransomware, forcing it to temporarily shut down all pipeline operations, the company said in a statement on Saturday.
The firm has hired a third-party cybersecurity firm to launch a probe into the incident and has contacted law enforcement and other federal agencies. The cyberattack has affected some of its IT systems too.
Colonial Pipeline, which transports nearly half of the East Coast’s fuel supply, said it is “taking steps to understand and resolve this issue.”
“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation,” the company said in a statement.
“This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline,” the company said.
Colonial operates the largest refined products pipeline in the U.S., transporting 100 million gallons or 2.5 million barrels per day, according to its website. Refined products include gas, diesel, home heating oil and jet fuel. The pipeline also supplies the U.S. military.
Colonial’s system spans over 5,500 miles between Texas and New Jersey, connecting refineries on the Gulf Coast to more than 50 million people in the southern and eastern U.S., according to the company.
The Federal Energy Regulatory Commission, which oversees interstate pipelines, said it is aware of the cyberattack and is monitoring the situation.
“We are aware of what appears to have been a serious cyberattack on the Colonial Pipeline system,” Chairman Richard Glick said in a statement to CNBC. “FERC is in communication with other federal agencies, and we are working closely with them to monitor developments.”
VIDEO 3:18 03:18
President Joe Biden was also briefed on the incident Saturday morning, according to a White House spokesperson.
“The federal government is working actively to assess the implications of this incident, avoid disruption to supply, and help the company restore pipeline operations as quickly as possible,” the spokesperson said.
The Biden administration in April announced a 100-day plan to protect the country’s electric system supply chain from cyberattacks amid growing concerns over how vulnerable the U.S. power supply is to cyber threats.
A U.S. Department of Energy spokesperson said the department is coordinating with Colonial Pipeline, the energy sector, states and interagency partners to support response efforts.
“DOE is also working closely with the energy sector coordinating councils and the energy information sharing and analysis centers, and is monitoring any potential impacts to energy supply,” the spokesperson told CNBC.
Andy Lipow, president of Texas-based Lipow Oil Associates, said an outage that last one to two days would cause some minor inconveniences and that more widespread impact would occur after four to five days of shutdown.
There could be potential sporadic outages as well if a specific terminal was relying on a delivery today or tomorrow and that is now delayed, Lipow said.
“Unlike the February freeze or hurricane, refineries are still in operation turning crude into gasoline, jet and diesel. They just can’t get it to the terminals,” Lipow said. “An extended colonial pipeline outage will force refiners to reduce their operating rates as inventory in the refinery fills up.”
“While they may not be able to ship it to Colonial, the refineries will certainly be able to continue shipping to the Midwest markets,” Lipow said.
John Kilduff, a partner at Again Capital in New York, said the U.S. will see spot shortages of gasoline, diesel and jet fuel develop rapidly if the outage persists.
“It appears that it was a ransomware attack, rather than a state actor, but it highlights the significant software vulnerability across the industry,” Kilduff said. “If there’s is not a resumption of operations by tomorrow night or at least some clarity on a resumption, gasoline prices will skyrocket on the open of trading Sunday night.”
Eric Goldstein, executive assistant director of the cybersecurity division at the Cybersecurity and Infrastructure Security Agency, said the agency is working with Colonial Pipeline and interagency partners.
“This underscores the threat that ransomware poses to organizations regardless of size or sector,” Goldstein said.
Colonial Pipeline is privately held by five entities: CDPQ Colonial Partners, IFM (U.S.) Colonial Pipeline 2, KKR-Keats Pipeline Investors, Koch Capital Investments Company, and Shell Midstream Operating.
VIDEO 5:17 05:17