Cyberattack On Colonial Pipeline: Alabama Among States Affected

Birmingham AL

10 May, 2021

10:36 AM

Description

WASHINGTON, DC — The Federal Motor Carrier Safety Administration declared an emergency in response to the "unanticipated shutdown" of the Colonial pipeline, which supplies gasoline, diesel, jet fuel and other petroleum products through Alabama, among other states. Colonial Pipeline Co. said it learned it was the victim of a cybersecurity attack and has since determined that the incident involved ransomware. The attack could cause shortages and impact fuel prices in the region. The impacted states and territories also include Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia. Experts say the attack will affect gas prices only if the pipeline is shut down for more than five days. "The challenges brought on by the Colonial Pipeline shut down would likely not appear for several days or longer," said Patrick De Haan a fiel analyst with GasBuddy. "My guess is they'll be able to restart the pipeline before any major issues develop. This should NOT be a pricing event- but this may be a supply event." De Haan added, "If it lasts more than five days or so, there would be challenges in some SE states only, but they may not all be even across the affected states." NBC News reported that a "Russian criminal group" may be responsible for a ransomware attack that shut down the major U.S. fuel pipeline, two sources familiar with the matter said Sunday. The group, known as DarkSide, has a "sophisticated approach to the business of extortion," the sources said. Over the past 48 hours, Colonial pipeline personnel say they have taken additional precautionary measures to help further monitor and protect the safety and security of its pipeline. "This underscores the threat that ransomware poses to organizations regardless of size or sector," the Cybersecurity and Infrastructure Security Agency said in a statement. "We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats." Jay Town, a former U.S. Attorney for the Northern District of Alabama and current vice president and general counsel for Gray Analytics, said ransomware attacks occur every 11 seconds worldwide, and have caused an estimated $75 billion in losses to businesses. Town said 57 of businesses lose 20 percent of their clients after a ransomware attack. "Costs are not just immediate, but in perpetuity," Town said. "Two days of downtime is sustainable; more than that and clients walk." He said 200 million ransomware attacks occurred in the first nine months of 2020. "As you can see, it's not just the lost income during the breach, response, and shutdown," Town said. "Or even the ransom payments. It's the lost customers. Nearly 3/5 businesses lost 1 in every 5 customers after a ransomware attack. One in 8 lose half. World economy is impacted as well, $6 trillion annually — with a T." Patch editor Tom Davis contributed to this report.