Cyberattacks on US are ‘here to stay’, Biden official warns

Following a ransomware attack on the largest US gasoline pipeline, an official in Joe Biden’s administration has said such cyberattacks against the country’s infrastructure are “here to stay”.

Commerce secretary Gina Raimondo urged the US Congress to help the country’s private sector to prepare better for a future where cyberattacks on businesses and infrastructure become increasingly common.

Ms Raimondo told CBS’s Face The Nation on Sunday that such attacks are “here to stay”, adding: “This is what businesses now have to worry about.”

Republican senator Bill Cassidy, who represents one of the states affected by the attack, said the implications of such incidents on national security “cannot be overstated,” adding that a move to provide businesses with resources to withstand cyberattacks can draw bipartisan support.

On Saturday, Colonial Pipeline – a company that supplies 45 per cent of gas to the US East Coast – revealed that it was a victim of a cybersecurity attack involving ransomware that temporarily halted all its pipeline operations, and affected its IT systems.

Ransomeware attacks are designed to lock down systems by encrypting data, following which hackers demand payment to grant access again.

According to Bloomberg News, before demanding the ransom, the hackers took close to 100 gigabytes of data from Colonial’s network a day ahead of the pipeline shutdown.

“This is as close as you can get to the jugular of infrastructure in the United States. It’s not a major pipeline. It’s the pipeline,” said Amy Myers Jaffe, research professor and managing director of the Climate Policy Lab. 

Following the cyberattack, Colonial Pipeline responded by taking some of its main systems offline and brought in a cybersecurity firm to investigate, while keeping its smaller lateral lines between terminals and delivery points operational.

“We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” the company noted in a statement.

Ms Raimondo said President Biden was briefed about the attack and was working closely with the company and local officials to restart normal operations “as quickly as possible”.

Experts quoted by Reuters said a prolonged shutdown of the pipeline, even one lasting four or five days, may lead to a rise in prices at gasoline pumps ahead of the peak summer driving season.

Colonial Pipeline has not revealed any more information about how long its pipelines will be shut.

Investigators are reportedly looking into a professional cybercriminal group called “DarkSide,” who are known for deploying ransomware and extorting victims.