Colonial Pipeline has successfully restarted its entire 8,850 km US east coast pipeline following the DarkSide ransomware attack on 7 May 2021.
Colonial manually restarted Line 4 of the pipeline on 10 May 2021, before attempting a full restart. Limited product delivery restarted on 12 May 2021 and in a statement released at 6.55pm EDT, Colonial confirmed that all the markets it serves were receiving deliveries.
‘This would not have been possible without the commitment and dedication of the many Colonial team members across the pipeline who worked safely and tirelessly through the night to get our lines up and running. We are grateful for their dedicated service and professionalism during these extraordinary times,’ it says.
The company has warned, however, that it will likely take several days for the product delivery supply chain to return to normal, and that service interruptions are still likely during the start-up period. US president Joe Biden told a media briefing that the effects at the pump, where prices have been rising and shortages occurring, will not be felt immediately.
‘This is not like flicking on a light switch. This pipeline is 5,500 miles long. It had never been fully shut down in its entire history, and so fully. And now they have to safely and fully return to normal operations. And it’s going to take some time,’ he said, adding: ‘Still, we expect to see a region-by-region return to normalcy beginning this weekend and continuing into next week.’
To mitigate the effects of the shutdown, the US Department of Transportation’s Federal Motor Carrier Administration issued a temporary hours of service exemption for those transporting refined petroleum products to various affected states, allowing tanker drivers to work extra hours to deliver fuel. Biden said that his administration also relaxed rules or pipeline operators to manually get portions of the pipeline running. The Environmental Protection Agency (EPA) issued a 20-day waiver of standards in several states to give fuel suppliers more flexibility to use available fuels. Additionally, Biden has granted a waiver of the Jones Act to allow non-IS flagged vessels to transport refined fuel products from the Gulf of Mexico to affected areas. He urged consumers and sellers to be responsible.
Neither Colonial nor Biden would confirm whether the ransom had been paid, but sources told Bloomberg Colonial had paid the hackers, from Russian group DarkSide, US$5 million in difficult-to-trace cryptocurrency within hours after the attack. Upon payment of the ransom, the hackers provided the decryption tool. However, this was so slow that it forced Colonial to use its own backups.
Biden told reporters that the US Federal Bureau of Investigation (FBI) does not believe that the Russian government was involved in the attack, despite the cyber criminals’ Russian links. As well as seeking to prosecute those responsible, Biden said that the US would ‘pursue a measure to disrupt their ability to operate’, without suggesting what form that might take.
‘Let me say that this event is providing an urgent reminder of why we need to harden our infrastructure and make it more resilient against all threats — natural and manmade,’ Biden said.
He has signed an executive order to ensure federal agencies work more closely with the private sector to strengthen US cybersecurity, including by sharing information and deploying technologies to increase reliance against cyberattacks.