A cyberattack has forced the shutdown of a significant gas pipeline in the U.S. that provides 45 percent of all fuel consumed on the East Coast.
"We proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, also influenced some of our IT systems," the company said in a statement.
Colonial Pipeline said in an upgrade Saturday the attack involved ransomware.
Colonial's network supplies gas out of U.S. refiners on the Gulf Coast to the southern and eastern U.S. and transports 2.5 million barrels a day of gasoline, diesel, jet fuel and other products through 5,500 kilometers of pipelines, the company said.
It's not clear just how long the pipelines will be closed down. The shutdown will affect other pipeline operations like the Buckeye and Twin Oaks Pipeline, which runs through the New York City-Long Island area and Maine, FEMA stated.
The company, based in Alpharetta, Georgiasaid it hired an outside cybersecurity company to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies.
"Colonial Pipeline is taking steps to understand and resolve this issue. At this moment, our primary focus is the safe and effective restoration of our service and our efforts to go back to normal functioning. This process is already underway, and we're working diligently to address this matter and to minimize disruption to our clients and people who rely on Colonial Pipeline," the company said.
President Joe Biden has been briefed on the situation, according to a White House spokesperson.
"The federal government is working actively to evaluate the consequences of the incident, prevent disruption to provide, and assist the company restore pipeline operations as quickly as possible," the spokesperson said.
The official said the government is reaching out across the sector to make sure they have protections in place that could detect similar attacks.
The FBI said it's working together with Colonial Pipeline about the ransomware assault.
"FBI was informed of a network disruption at Colonial Pipeline on May 7, 2021 and is working closely with the company and government partners," the FBI said. "We've got nothing additional to share at this moment."
The Cybersecurity and Infrastructure Security Agency published a statement stating they are"engaged" with the company.
"We are engaged with the organization and our interagency partners concerning the circumstance," Eric Goldstein, CISA's executive assistant manager of the Cybersecurity Division said. "This underscores the threat which ransomware poses to organizations irrespective of size or sector. We encourage each organization to take actions to fortify their cybersecurity position to reduce their exposure to these types of threats."
Preliminary results of the investigation at this point suggest the attack was the handiwork of the so-called DarkSide criminal association that works in Eastern Europe, according to two officials briefed on the probe. Federal officials are continuing to firm up their findings and are actively attempting to determine whether or not a foreign nation could either be behind the attack or functioning together with the criminals.
Cybersecurity company Fireye confirmed to ABC News Sunday that it is helping Colonial Pipeline using its systems in the aftermath of the assault.
Colonial Pipeline stated it is"developing a system restart plan" in a statement Sunday. While the organization said its mainline remains offline, smaller,"lateral" lines between terminals and shipping factors are operational.
"We are in the process of restoring service to other laterals and will bring our entire system back online only if we believe it's safe to do so, and also in total compliance with the approval of federal regulations," the company said.
Additionally, the U.S. Department of Transportation's Federal Motor Carrier Administration said it's temporarily raising certain rules for truck drivers who transport gasoline, diesel, jet fuel and oil products in nations impacted by the pipeline shutdown.
This past year, Fireye found the huge SolarWinds hack which influenced nine government agencies.
Department of Homeland Security Secretary Alejandro Mayorkas spoke about the dangers of ransomware earlier this week given the current spate of ransomware attacks, including the hack of the Washington, D.C., Metropolitan Police Department and the Illinois Attorney General's Office.
