Colonial Pipeline temporarily halts operations following cyberattack

The 5,500-mile Colonial Pipeline, the largest pipeline in the United States, was hit with a cybersecurity attack on May 7.

The Colonial Pipeline Company, which is owned by a conglomerate of companies, reported that it was a ransomware attack. As soon as the attack was discovered, officials took certain systems offline to contain the threat. These actions temporarily halted pipeline operations and affected some of the company’s IT systems, which are in the process of being restoring.

Colonial Pipeline is the largest refined products pipeline in the country, transporting more than 100 million gallons of fuel daily from Houston to the New York Harbor. It provides fuel for businesses and residents through the eastern and southern states.

The company immediately brought in third-party cybersecurity experts, who launched an investigation into the nature and scope of this incident.

“We have remained in contact with law enforcement and other federal agencies, including the Department of Energy, who is leading the Federal Government response,” Colonial officials said in a statement.

The restoration process is already underway as the operations team is developing a system restart plan focusing on the safe and efficient restoration of service to the pipeline system with minimal disruption to customers who rely on Colonial Pipeline.

“While our mainlines (Lines 1, 2, 3, and 4) remain offline, some smaller lateral lines between terminals and delivery points are now operational. We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so and in full compliance with the approval of all federal regulations,” officials said in a statement.

Several media outlets, including NBC News, are reporting that the attack may have been carried out by a Russian criminal group and does not appear to be tied to the Kremlin. However, the attackers have not been identified by company or federal authorities.

“We are engaged with the company and our interagency partners regarding the situation,” Eric Goldstein, executive assistant director of the cybersecurity division at the Cybersecurity and Infrastructure Security Agency (CISA), said. “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

The U.S. Department of Transportation’s Federal Motor Carrier Safety Administration is taking steps to create more flexibility for motor carriers and drivers in response to the attack.

Specifically, FMCSA is issuing a temporary hours of service exemption that applies to those transporting gasoline, diesel, jet fuel, and other refined petroleum products to Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, and Virginia.