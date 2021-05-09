* 'All hands on deck' effort to restore pipeline -Commerce
chief
* Colonial declines comment on whether DarkSide hackers
involved
May 9 (Reuters) - U.S. government officials were working
closely with top U.S. fuel pipeline operator Colonial Pipeline
on Sunday to help it recover from a ransomware cyberattack that
forced the company to shut a critical fuel network supplying
populous eastern states.
The attack is one of the most disruptive digital ransom
operations reported and has prompted calls from American
lawmakers to tighten protections for critical U.S. energy
infrastructure against hackers.
Commerce Secretary Gina Raimondo said Washington was working
to avoid more severe fuel supply disruptions and to help
Colonial restart as quickly as possible its more than 5,500-mile
(8,850 km) pipeline network from Texas to New Jersey.
"It's an all hands on deck effort right now," Raimondo said
on CBS' "Face the Nation" program. "We are working closely with
the company, state and local officials, to make sure that they
get back up to normal operations as quickly as possible and
there aren't disruptions in supply."
Colonial said on Saturday it was "continuing to monitor the
impact of this temporary service halt" and to work to restore
service. Neither Raimondo nor the company gave an estimate for a
restart date and Colonial declined further comment on Sunday.
Colonial transports roughly 2.5 million barrels per day of
gasoline and other fuels from refiners on the Gulf Coast to
consumers in the mid-Atlantic and southeastern United States.
Its extensive pipeline network serves major U.S. airports,
including Atlanta's Hartsfield Jackson Airport, the world's
busiest by passenger traffic.
Retail fuel experts including the American Automobile
Association said an outage lasting several days could have
significant impacts on regional fuel supplies, particularly in
the southeastern United States.
While the U.S. government investigation is in the early
stages, a former U.S. official and two industry sources said the
hackers are likely a professional cybercriminal group and that a
group called DarkSide was among potential suspects.
DarkSide is known for deploying ransomware and extorting
victims while avoiding targets in post-Soviet states. Ransomware
is a type of malware designed to lock down systems by encrypting
data and demanding payment to regain access.
Cybersecurity firm FireEye has also been brought in
to respond to the attack, according to the two industry sources.
FireEye declined to comment.
Colonial has said it was working with a "leading,
third-party cybersecurity firm," but did not name the firm.
Bloomberg News, citing people familiar with the matter,
reported late on Saturday that the hackers are part of DarkSide
and took nearly 100 gigabytes of data out of Colonial's network
on Thursday ahead of the pipeline shutdown.
Messages left with the DarkSide hackers were not immediately
returned. The group's dark website, where hackers regularly post
data about victims, made no reference to Colonial Pipeline.
Colonial declined to comment on whether DarkSide hackers
were involved in the attack, when the breach occurred or what
ransom they demanded.
BIDEN BRIEFED ON HACK
President Joe Biden was briefed on the cyberattack on
Saturday morning, the White House said, adding that the
government was working to try to help the company restore
operations and prevent supply disruptions.
Another fuel pipeline serving the same regions carries a
third of what Colonial does. Any prolonged outage would require
tankers to transport fuels from the U.S. Gulf Coast to East
Coast ports.
The privately held, Georgia-based company is owned by CDPQ
Colonial Partners L.P., IFM (US) Colonial Pipeline 2 LLC,
KKR-Keats Pipeline Investors L.P., Koch Capital Investments
Company LLC and Shell Midstream Operating LLC.
Gasoline futures and diesel futures on the New York
Mercantile Exchange rose on Friday after the outage was
reported. In previous Colonial outages, retail prices have risen
substantially, if briefly.
Oil refining companies contacted by Reuters on Saturday said
their operations had not yet been impacted. Some were monitoring
developments and working to find alternative transport for
customers.
(Reporting by Laila Kearney and Doina Chiacu; Writing by
Richard Valdmanis
Editing by Simon Webb and Grant McCool)