The F.B.I. on Monday confirmed that DarkSide, a hacking group, was responsible for the ransomware attack that closed a U.S. pipeline that provides the East Coast with nearly half of its gasoline and jet fuel.
The confirmation of the hack, which prompted emergency White House meetings over the weekend, comes as the Biden administration in the coming days is expected to announce an executive order to strengthen America’s cyberdefense infrastructure.
President Biden said on Monday that the government has mitigated any impact the pipeline hack might have on the U.S. fuel supply. He added that his administration has efforts underway to “disrupt and prosecute ransomware criminals.”
Colonial Pipeline, the operator of the system, issued a statement on Monday saying that restoring service “takes time.” It added that while the situation “remains fluid and continues to evolve,” the company will restore service incrementally, with the goal of “substantially” restoring service by the end of the week.
Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said Monday afternoon that the government believes DarkSide is “a criminal actor” but is looking for any ties the group may have to nation-states.
She added that Colonial has not sought cyber support from the government, and could not confirm if the company, a private corporation, has paid any ransom.
Colonial’s pipeline transports 2.5 million barrels each day, taking refined gasoline, diesel fuel and jet fuel from the Gulf Coast up to New York Harbor and New York’s major airports. Most of that goes into large storage tanks, and with energy use depressed by the coronavirus pandemic, the attack was unlikely to cause any immediate disruptions.
Late Friday, Colonial said in a vaguely worded statement that it had shut down its 5,500 miles of pipeline, which it said carried 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach. Earlier in the day, there had been disruptions along the pipeline, but it was not clear at the time whether that was a direct result of the attack or of the company’s moves to proactively halt it.
Energy analysts warned that a prolonged suspension of an oil pipeline could raise prices at the pump along the East Coast and leave some smaller airports scrambling for jet fuel.