“The” US. East coast fuel pipeline held for ransonware

Page 1 of 1 [ 10 posts ] 

ASPartOfMe
Veteran
Veteran

User avatar

Joined: 25 Aug 2013
Age: 64
Gender: Male
Posts: 25,944
Location: Long Island, New York

08 May 2021, 7:03 pm

Cyber attack shuts down U.S. fuel pipeline ‘jugular,’ Biden briefed

Quote:

Top U.S. fuel pipeline operator Colonial Pipeline shut its entire network, the source of nearly half of the U.S. East Coast’s fuel supply, after a cyber attack on Friday that involved ransomware.

The incident is one of the most disruptive digital ransom operations ever reported and has drawn attention to how vulnerable U.S. energy infrastructure is to hackers. A prolonged shutdown of the line would cause prices to spike at gasoline pumps ahead of peak summer driving season, a potential blow to U.S. consumers and the economy.

"This is as close as you can get to the jugular of infrastructure in the United States," said Amy Myers Jaffe, research professor and managing director of the Climate Policy Lab. "It's not a major pipeline. It's the pipeline."

Colonial transports 2.5 million barrels per day of gasoline, and other fuels through 5,500 miles (8,850 km) of pipelines linking refiners on the Gulf Coast to the eastern and southern United States. It also serves some of the country's largest airports, including Atlanta's Hartsfield Jackson Airport, the world's busiest by passenger traffic.

The company said it shut down its operations after learning of a cyberattack on Friday using ransomware.

"Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation," it said.

While the U.S. government investigation is in early stages, one former official and two industry sources said the hackers are likely a professional cybercriminal group.

The former official said investigators are looking at a group dubbed "DarkSide," known for deploying ransomware and extorting victims while avoiding targets in post-Soviet states.

A shutdown lasting four or five days, for example, could lead to sporadic outages at fuel terminals along the U.S. East Coast that depend on the pipeline for deliveries, said Andrew Lipow, president of consultancy Lipow Oil Associates.

After the shutdown was first reported on Friday, gasoline futures on the New York Mercantile Exchange gained 0.6% while diesel futures rose 1.1%, both outpacing gains in crude oil. Gulf Coast cash prices for gasoline and diesel edged lower on prospects that supplies could accumulate in the region.

"As every day goes by, it becomes a greater and greater impact on Gulf Coast oil refining," said Lipow. "Refiners would have to react by reducing crude processing because they've lost part of the distribution system."

Oil refining companies contacted by Reuters on Saturday said their operations had not yet been impacted.

Ben Sasse, a Republican senator from Nebraska and a member of the Senate Select Committee on Intelligence, said the cyberattack was a wakeup call for U.S. lawmakers.


_________________
Professionally Identified and joined WP August 26, 2013
DSM 5: Autism Spectrum Disorder, DSM IV: Aspergers Moderate Severity.

“My autism is not a superpower. It also isn’t some kind of god-forsaken, endless fountain of suffering inflicted on my family. It’s just part of who I am as a person”. - Sara Luterman


ASPartOfMe
Veteran
Veteran

User avatar

Joined: 25 Aug 2013
Age: 64
Gender: Male
Posts: 25,944
Location: Long Island, New York

11 May 2021, 8:51 am

F.B.I. says Russian criminal gang responsible

Quote:
The cyberextortion attempt that's forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, the FBI said Monday.

The shutdown, meanwhile, stretched into its third full day, with the Biden administration loosening regulations of the transport of petroleum products on highways as part of an "all-hands-on-deck" effort to avoid disruptions in the fuel supply. Georgia-based Colonial Pipeline said Monday it hopes to have service mostly restored by the end of the week.

On Monday, Colonial Pipeline said it was planning a "phased approach" with the goal of "substantially restoring operational service by the end of the week."

At the White House, President Biden told reporters Monday the U.S. intelligence community had no evidence the Russian government was involved with the Colonial attack, but Mr. Biden said there was evidence the ransomware was in Russia. "They have some responsibility to deal with this," the president said after delivering remarks on the economy.

DarkSide is among ransomware gangs that have "professionalized" a criminal industry that has cost Western nations tens of billions of dollars in losses in the past three years.

DarkSide claims it doesn't attack hospitals and nursing homes, educational or government targets and that it donates a portion of its take to charity. It's been active since August and, typical of the most potent ransomware gangs, is known to avoid targeting organizations in former Soviet bloc nations.

Colonial didn't say whether it has paid or was negotiating a ransom, and DarkSide neither announced the attack on its dark web site nor responded to an Associated Press reporter's queries. The lack of acknowledgment usually indicates a victim is either negotiating or has paid.

Commerce Secretary Gina Raimondo said Sunday that ransomware attacks are "what businesses now have to worry about" and that she will work "very vigorously" with the Department of Homeland Security to address the problem, calling it a top priority for the administration.

Ed Amoroso, CEO of TAG Cyber, said Colonial was lucky its attacker was at least ostensibly motivated only by profit, not geopolitics. State-backed hackers bent on more serious destruction use the same intrusion methods as ransomware gangs.

"For companies vulnerable to ransomware, it's a bad sign because they are probably more vulnerable to more serious attacks," he said. Russian cyberwarriors, for example, crippled the electrical grid in Ukraine during the winters of 2015 and 2016.


_________________
Professionally Identified and joined WP August 26, 2013
DSM 5: Autism Spectrum Disorder, DSM IV: Aspergers Moderate Severity.

“My autism is not a superpower. It also isn’t some kind of god-forsaken, endless fountain of suffering inflicted on my family. It’s just part of who I am as a person”. - Sara Luterman


ASPartOfMe
Veteran
Veteran

User avatar

Joined: 25 Aug 2013
Age: 64
Gender: Male
Posts: 25,944
Location: Long Island, New York

11 May 2021, 5:41 pm

Colonial Pipeline gas shortage causes North Carolina stations to see long lines

Quote:
North Carolina drivers in desperate need of fuel are lining up at gas stations across the state just days after a cyberattack shut down a vital U.S. pipeline.

The Colonial Pipeline, which delivers roughly 45% of fuel consumed on the East Coast, is a primary fuel pipeline for North Carolina, according to Gov. Roy Cooper.

On Monday, Cooper issued a state of emergency "suspending motor vehicle fuel regulations to ensure adequate fuel supply supplies throughout the state."


_________________
Professionally Identified and joined WP August 26, 2013
DSM 5: Autism Spectrum Disorder, DSM IV: Aspergers Moderate Severity.

“My autism is not a superpower. It also isn’t some kind of god-forsaken, endless fountain of suffering inflicted on my family. It’s just part of who I am as a person”. - Sara Luterman


shlaifu
Veteran
Veteran

User avatar

Joined: 26 May 2014
Age: 37
Gender: Male
Posts: 2,170

11 May 2021, 8:36 pm

If you're unfamiliar with Notpetya, now is as good a time as any other to read up on it, and think twice about "the internet of things"... Or automated drones...


_________________
I can read facial expressions. I did the test.


Fnord
Veteran
Veteran

User avatar

Joined: 6 May 2008
Age: 64
Gender: Male
Posts: 50,705
Location: Stendec

12 May 2021, 8:44 am

Gasoline is now about $4.25 per gallon here in California.  I hear the pipeline problem should be resolved by the end of this week.  Even so, I have already topped of the tanks of all my family's cars.


_________________
 Link to Official List of Trump's Atrocities 

45OFFICE = TRE45ON
Lock Him Up!


ASPartOfMe
Veteran
Veteran

User avatar

Joined: 25 Aug 2013
Age: 64
Gender: Male
Posts: 25,944
Location: Long Island, New York

12 May 2021, 4:18 pm

Energy Fistfights over fuel in U.S. Southeast

Quote:
Fuel shortages worsened and tensions rose in the southeastern United States on Wednesday, as the shutdown of the largest U.S. fuel pipeline network entered its sixth day and Washington officials pledged new steps to alleviate supply issues.

Nearly 60% of gas stations in metro Atlanta were without gasoline, tracking firm GasBuddy said. Its survey showed 65% of stations in North Carolina and 43% in Georgia and South Carolina without fuel. Virginia also reported high outages.

U.S. Transportation Secretary Pete Buttigieg said the administration is addressing the fuel shortages and helping restore Colonial operations, including moving gasoline to places that need it.

The supply crunch sparked panic buying in the U.S. Southeast, bringing long lines and high prices at gas stations ahead of the Memorial Day holiday weekend at the end of May, the traditional start of the peak summer driving season.

Fuel industry representatives urged consumers to stop panic buying. They noted the country has plenty of gasoline supplies and said hoarding is creating shortages in areas not served by the pipeline.

"Retailers right now have sold several days worth of inventory within a few hours," said Rob Underwood, President of the Energy Marketers of America.

It is unknown how much money the hackers are seeking, and Colonial has not commented on whether it would pay.

Gulf Coast refiners that move fuel to market on the Colonial Pipeline have cut processing. Total SE (TOTF.PA) trimmed gasoline production at its Port Arthur, Texas, refinery, and Citgo Petroleum pared back at its Lake Charles, Louisiana, plant.

Citgo said it was moving products from Lake Charles and "exploring alternate supply methods into other impacted markets." Marathon Petroleum said it was "making adjustments."

Several airlines have been transporting fuel by truck or fueling planes at destinations rather than at East Coast origins. American Airlines (AAL.O) has made changes to two long-haul flights out of Charlotte, North Carolina – one of its hub airports – through Friday


_________________
Professionally Identified and joined WP August 26, 2013
DSM 5: Autism Spectrum Disorder, DSM IV: Aspergers Moderate Severity.

“My autism is not a superpower. It also isn’t some kind of god-forsaken, endless fountain of suffering inflicted on my family. It’s just part of who I am as a person”. - Sara Luterman


kraftiekortie
Veteran
Veteran

User avatar

Joined: 4 Feb 2014
Gender: Male
Posts: 77,233
Location: Queens, NYC

12 May 2021, 4:37 pm

According to the Washington Times (and our Energy Secretary), the Colonial Pipeline is back in operation.



longshot
Veteran
Veteran

User avatar

Joined: 4 Dec 2018
Gender: Male
Posts: 4,716
Location: In some fictional location

13 May 2021, 7:19 pm

Well, this clearly illustrates my point, as to why our infrastructure system needs to be secure from such threats.


_________________
I need serenity
In a place where I can hide
I need serenity
Nothing changes, days go by


ASPartOfMe
Veteran
Veteran

User avatar

Joined: 25 Aug 2013
Age: 64
Gender: Male
Posts: 25,944
Location: Long Island, New York

14 May 2021, 7:02 am

Colonial Pipeline Paid Hackers Nearly $5 Million in Ransom

Quote:
Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

When Bloomberg News asked President Joe Biden if he was briefed on the company’s ransom payment, the president paused, then said: “I have no comment on that.”

The FBI discourages organizations from paying ransom to hackers, saying there is no guarantee they will follow through on promises to unlock files. It also provides incentive to other would-be hackers, the agency says.

However, Anne Neuberger, the White House’s top cybersecurity official, pointedly declined to say whether companies should pay cyber ransoms at a briefing earlier this week. “We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data,” she told reporters Monday.

Such guidance provides a quandary for victims who have to weigh the risks of not paying with the costs of lost or exposed records. The reality is that many choose to pay, in part because the costs may be covered if they have cyber-insurance policies.

“They had to pay,” said Ondrej Krehel, chief executive officer and founder of digital forensics firm LIFARS and a former cyber expert at Loews Corp., which owns Boardwalk Pipeline. “This is a cyber cancer. You want to die or you want to live? It’s not a situation where you can wait.”


_________________
Professionally Identified and joined WP August 26, 2013
DSM 5: Autism Spectrum Disorder, DSM IV: Aspergers Moderate Severity.

“My autism is not a superpower. It also isn’t some kind of god-forsaken, endless fountain of suffering inflicted on my family. It’s just part of who I am as a person”. - Sara Luterman


maycontainthunder
Veteran
Veteran

Joined: 9 Mar 2020
Gender: Male
Posts: 1,707
Location: Watching the dog watching me

14 May 2021, 7:27 am

longshot wrote:
Well, this clearly illustrates my point, as to why our infrastructure system needs to be secure from such threats.


The best and only way to stop this is by not having it online. If the systems and phone lines that are used are not connected to any other systems by cable or wireless there is virtually no way for it to be hacked. If you need remote monitoring then that computer should be isolated from ALL others at all times.


_________________
To start press any key. Where's the any key?

Note to all: My user ID doesn't mean I'm going to explode at you it just means that I may contain...a different kind of thunder.