Security News > 2021 > May > Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down
Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyberattacks.
Colonial Pipeline is the largest refined products pipeline in the U.S., a 5,500 mile system involved in transporting over 100 million gallons from the Texas city of Houston to New York Harbor.
Cybersecurity firm FireEye's Mandiant incident response division is said to be assisting with the investigation, according to reports from Bloomberg and The Wall Street Journal, with the attack linked to a ransomware strain called DarkSide.
The latest cyber attack comes as a coalition of government and tech firms in the private sector, called the Ransomware Task Force, released a list of 48 recommendations to detect and disrupt the rising ransomware threat, in addition to helping organizations prepare and respond to such attacks more effectively.
In February 2020, CISA issued an alert warning of increasing ransomware infections impacting pipeline operations following an attack that hit an unnamed natural gas compression facility in the country, causing the company to shut down its pipeline asset for about two days.
Securing pipeline infrastructure has been an area of focus for the Department of Homeland Security, which in 2018 assigned CISA to oversee what's called the Pipeline Cybersecurity Initiative that aims to identify and address emerging threats and implement security measures to protect more than 2.7 million miles of pipelines responsible for transporting oil and natural gas in the U.S. The agency's National Risk Management Center has also published a Pipeline Cybersecurity Resources Library in February 2021 to "Provide pipeline facilities, companies, and stakeholders with a set of free, voluntary resources to strengthen their cybersecurity posture."
News URL
Related news
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)
- U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks (source)