The Hacker News
Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyberattacks.
“On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack,” the company said in a statement posted on its website. “We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
Colonial Pipeline is the largest refined products pipeline in the U.S., a 5,500-mile (8,851 km) system involved in transporting over 100 million gallons from the Texas city of Houston to New York Harbor.
Cybersecurity firm FireEye’s Mandiant incident response division is said to be assisting with the investigation, according to reports from Bloomberg and The Wall Street Journal, with the attack linked to a ransomware strain called DarkSide.
“We are engaged with Colonial and our interagency partners regarding the situation,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said. “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”