Security News > 2021 > May > Colonial Pipeline Targets Recovery From Ransomware Attack by End of Week

After a ransomware attack forced Colonial Pipeline Company to proactively shut down operations of the largest refined products pipeline in the United States, the company is scrambling to get systems back to normal operating capacity.

The ransomware attack, which the FBI has confirmed to be the Darkside ransomware, triggered the company to halt all pipeline operations on Friday.

Colonial did not say if it had made a ransom payment to the cybercriminals behind the attack.

The Colonial Pipeline is the largest refined products pipeline in the United States, transporting more than 100 million gallons of fuel daily through a pipeline system that spans more than 5,500 miles between Houston, Texas and Linden, New Jersey.

"While all the details of the attack are yet to be made public, it appears that this is a ransomware attack that landed on the IT network," Nick Cappi, Cyber Vice President, Portfolio Strategy and Enablement at Hexagon, told SecurityWeek in an emailed statement.

"In an abundance of caution, Colonial shut down some or all of the industrial control systems to prevent the attack from spreading to these devices. Assuming they are able to isolate the attack and bring the control systems back online within a few days, this will be a shining example of a company's ability to respond to and mitigate an attack. If they are unable to bring the control systems back online within a few weeks, the North East of the United States will likely see a steep increase in fuel prices and perhaps shortages and rationing."

News URL

http://feedproxy.google.com/~r/Securityweek/~3/L4RvlbaYi00/colonial-pipeline-targets-recovery-ransomware-attack-end-week