National

Cyberattack forces a shutdown of a top U.S. pipeline

The shutdown of such a vital pipeline, one that has served the East Coast since the early 1960s, highlights the vulnerability of aging infrastructure that has been connected, directly or indirectly, to the internet.

A company that operates a major U.S. energy pipeline says it was forced to temporarily halt all pipeline operations following a cybersecurity attack. (Associated Press)


One of the nation’s largest pipelines, which carries refined gasoline and jet fuel from Texas up the East Coast to New York, was forced to shut down after being hit by ransomware in a vivid demonstration of the vulnerability of energy infrastructure to cyberattacks.

The operator of the system, Colonial Pipeline, said in a vaguely worded statement late Friday that it had shut down its 5,500 miles of pipeline, which it says carries 45% of the East Coast’s fuel supplies, in an effort to contain the breach. Earlier Friday, there were disruptions along the pipeline, but it was not clear at the time whether that was a direct result of the attack or of the company’s moves to proactively halt it.

On Saturday, as the FBI, the Energy Department and the White House delved into the details, Colonial Pipeline acknowledged that its corporate computer networks had been hit by a ransomware attack, in which criminal groups hold data hostage until the victim pays a ransom. The company said it had shut down the pipeline itself, a precautionary act, apparently for fear that the hackers might have obtained information that would enable them to attack susceptible parts of the pipeline.

Administration officials said they believed the attack was the act of a criminal group, rather than a nation seeking to disrupt critical infrastructure in the United States. But at times, such groups have had loose affiliations with foreign intelligence agencies and have operated on their behalf.

The shutdown of such a vital pipeline, one that has served the East Coast since the early 1960s, highlights the vulnerability of aging infrastructure that has been connected, directly or indirectly, to the internet. In recent months, officials note, the frequency and sophistication of ransomware attacks have soared, crippling victims as varied as the District of Columbia police department, hospitals treating coronavirus patients and manufacturers, which frequently try to hide the attacks out of embarrassment that their systems were pierced.

Advertisement:

Colonial, however, had to explain why gasoline and jet fuel were no longer flowing to its customers, and Friday, the markets began to react as speculation swirled about whether an accident, a maintenance problem or a cyberincident accounted for the shutdown.

Get Boston.com's browser alerts:

Enable breaking news notifications straight to your internet browser.

Jump To Comments

Conversation

This discussion has ended. Please join elsewhere on Boston.com