cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Cyber attack shuts down largest oil pipeline in US, state of emergency declared

Cyber criminal gang DarkSide executed a ransomware attack against the US, shutting down their largest oil pipeline and triggering a state of emergency.

user icon Liam Garman
Wed, 12 May 2021
Cyber attack shuts down largest oil pipeline in US, state of emergency declared
expand image

Operators of the United States’ largest oil pipeline fell victim to a ransomware attack over the weekend, which shutdown the company’s primary oil transporting pipelines and sparking a fuel crisis across the east coast.

According to the BBC, Colonial Pipelines transports some 45 per cent of the diesel, jet fuel and petrol on the east coat of the US, amounting to an estimated 2.5 million barrels of oil a day.

The FBI announced on Monday that the culprit of the attack was the cyber criminal gang DarkSide, which used its DarkSide ransomware to execute the attack.

“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation,” the FBI published on its website.

President Joe Biden confirmed that he is currently receiving daily security briefings following the incident, which has raised major questions regarding the US’ national resilience regarding energy and fuel security. The President outlined that the US will strengthen the security systems of the nation's primary industries.

“So to jumpstart greater private-sector investment in cyber security, we launched a new public-private initiative in April. It begins with a 100-day sprint to improve cyber security in the electric sector, and we’ll follow that with similar initiatives in natural gas pipelines, water and other sectors. In addition to companies stepping up, we need to invest to safeguard our critical infrastructure,” President Biden said.

"I'm going to be meeting with President Putin, and so far there's no evidence from our intelligence people that Russia is involved," President Biden responded to a reporter. "Although, there's evidence that the actors' ransomware is in Russia, they have some responsibility to deal with this."

Following the declaration of a state of emergency following the attack, the Department of Transportation outlined, “This declaration addresses the emergency conditions creating a need for immediate transportation of gasoline, diesel, jet fuel and other refined petroleum products and provides necessary relief.”

Cyber criminal gang DarkSide, however, waved away speculation that the attack was politically motivated.

"We do not participate in geopolitics, do not need to tie us with a defined government," DarkSide said.

According to the BBC, when accessing the cyber gang’s website in the darkweb, a message reads, “Our goal is to make money and not creating problems for society.”

The hack on Colonial Pipelines follows the same formula that was recently used with the hack on Telstra providers Schepisi Communications, who gained access to tens of thousands of business sim cards.

The methodology involves cyber criminals encrypting pockets of valuable data and processes, charging the breached company to provide payment in exchange for access to the decryption tool and thus averting a data leak.

More to follow.

[Related: Telstra provider hacked, business SIM data stolen]

Liam Garman

Liam Garman

Liam Garman is the editor of leading Australian security and defence publications Cyber Daily and Defence Connect. 

Liam began his career as a speech writer at New South Wales Parliament before working for world leading campaigns and research agencies in Sydney and Auckland. Throughout his career, Liam has managed and executed a range of international media and communications campaigns spanning politics, business, industrial relations and infrastructure. He’s since shifted his attention to researching and writing extensively on geopolitics and defence, specifically in North Africa, the Middle East and Asia. He holds a Bachelor of Commerce from the University of Sydney and a Masters of Strategy and Security from UNSW Canberra, with a thesis on postmodernism and disinformation operations. 

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.