US has reportedly shutdown one of the largest pipelines network following a cyberattack. First reported by the New York Times, Colonial Pipeline, which carries 45 percent of the fuel supplies for the eastern US.
In a statement the company said that it shut down systems to contain the threat after learning of the attack on Friday. That action also temporarily halted operations and affected some of its IT systems.
The pipeline is 5,500 miles long and carries jet fuel and refined gasoline from the Gulf Coast to New York, according to the Times, transporting some 2.5 million barrels daily.
At the moment it is not yet clear whether the attack targeted Colonial’s industrial control systems, or if the attack was carried out by foreign government hackers.
While the U.S. government is investigating the matter, one former official and two industry sources said the hackers are likely a highly professional cybercriminal group. Investigators are looking into whether a group dubbed DarkSide by the cybersecurity research community is responsible.
Alpharetta, Georgia-based Colonial said it had engaged a leading third-party cybersecurity firm to investigate the nature and scope of the incident, and has contacted law enforcement.
Cybersecurity company FireEye has been brought in to respond to the attack, the cybersecurity industry sources said. FireEye declined to comment.
The U.S. Transportation Security Administration told Reuters it is working with other agencies on the situation.
Colonial did not give further details or say for how long its pipelines would be shut. The privately held, Georgia-based company is owned by CDPQ Colonial Partners L.P., IFM (US) Colonial Pipeline 2 LLC, KKR-Keats Pipeline Investors L.P., Koch Capital Investments Company LLC and Shell Midstream Operating LLC.
