Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Cyber attack shuts down major US energy pipeline from Texas to New York

Attack comes as Biden administration moves to protect critical infrastructure from cyber attacks

Oliver O'Connell
New York
Saturday 08 May 2021 17:20 BST
Comments
(AP2008)
Leer en Español

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A cyber attack forced the suspension of operations on a major US energy pipeline that transports 45 per cent of all fuel consumed on the East Coast.

Colonial Pipeline said the attack took place on Friday and also affected some of its information technology systems.

The company operates the largest refined-products pipeline in the US, transporting gasoline, diesel fuel, and home heating oil from Houston, Texas to New York Harbour.

An outside security firm is investigating the nature and scope of the attack and the Alpharetta, Georgia-based company has also been in touch with law enforcement and federal agencies.

“Colonial Pipeline is taking steps to understand and resolve this issue,” the company said in a statement late on Friday.

“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimise disruption to our customers and those who rely on Colonial Pipeline.”

The precise nature and motive of the attack are unclear at present.

Colonial Pipeline transports more than 100 million gallons of fuel daily, through a pipeline system spanning more than 5,500 miles between Texas and New Jersey.

Mike Chapple, teaching professor of IT, analytics and operations at the University of Notre Dame’s Mendoza College of Business, said systems that control pipelines should not be connected to the internet and be vulnerable to cyber intrusions.

“The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren’t in place,” said Mr Chapple, who is also a former computer scientist with the National Security Agency.

There is widespread alarm at the vulnerability of the US’s critical infrastructure following an unsuccessful attack on a water treatment plant in Florida that sought to compromise the water supply.

These fears are especially heightened in light of the SolarWinds hacking of US government agencies and private companies orchestrated by Russia.

Microsoft president Brad Smith said that hack was “the largest and most sophisticated attack the world has ever seen”.

The Biden administration is undertaking a new effort to help electric utilities, water districts, and other critical industries protect against potentially damaging cyberattacks.

Anne Neuberger, the deputy national security adviser for cybersecurity and emerging technology, told The Associated Press in April that the goal was to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity.

Since then, the White House has announced a 100-day initiative aimed at protecting the country’s electricity system from cyberattacks.

Owners and operators of power plants and electric utilities have been encouraged to improve their capabilities for identifying cyber threats to their networks.

This includes concrete milestones to put technologies into use to spot and respond to intrusions in real-time.

The Justice Department has also announced a new task force dedicated to countering ransomware attacks in which data is seized by hackers who demand payment from victims in order to release it.

With reporting from The Associated Press

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in