HOUSTON, Texas — A company that operates a major U.S. energy pipeline said early Saturday that it was victimized by a ransomware attack and has been forced to halt all pipeline operations to deal with the threat.
Colonial Pipeline isn’t saying what’s been demanded or who’s made a demand. Ransomware attacks are typically carried out by criminal hackers who seize data and demand a large payment in order to release it. The attack underscores again the vulnerabilities of critical infrastructure to cyber attacks.
Experts indicated this cyber attack was unlikely to affect gasoline supply and prices unless it leads to a prolonged shutdown of the pipeline.
In a statement, Colonial Pipeline said the ransomware attack took place late Friday and also affected some of its information technology systems. The company describes itself as the largest refined products pipeline in the United States. It says it’s responsible for transporting more than 100 million gallons of fuel daily, through a pipeline system spanning more than 5,500 miles between Houston and the New York Harbor.
According to the company website, Colonial transports approximately 45% of all fuel consumed by the East Coast. This fuel includes gasoline, diesel fuel, home heating oil, jet fuel and fuels for the U.S. military.
The Alpharetta, Georgia-based company said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies.
“Colonial Pipeline is taking steps to understand and resolve this issue,” the company said in a statement. “At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline.”
The precise nature of the incident was unclear, including who launched the attack and what the motives were.
Mike Chapple, teaching professor of IT, analytics and operations at the University of Notre Dame’s Mendoza College of Business and a former computer scientist with the National Security Agency, said systems that control pipelines should not be connected to the internet and vulnerable to cyber intrusions.
“The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren’t in place,” Chapple said.
The FBI and the White House’s National Security Council did not immediately respond to ABC News' request for comment. The federal Cybersecurity and Infrastructure Security Agency referred questions about the incident to the company.
The attack comes amid rising concerns over the cybersecurity vulnerabilities in America's critical infrastructure following two recent alarming incidents -- the SolarWinds intrusion campaign by alleged Russian hackers that compromised nine U.S. agencies and dozens of private organizations, and the Chinese-linked hack of Microsoft Exchange server vulnerabilities that exposed tens of thousands of systems worldwide -- as well as a high-profile, though botched, hacking attempt to poison the water supply of a small Florida city.
Anne Neuberger, the Biden administration’s deputy national security adviser for cybersecurity and emerging technology, said in an interview with The Associated Press in April that the government was undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks. She said the goal was to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity.
Since then, the White House has announced a 100-day initiative aimed at protecting the country’s electricity system from cyber-attacks by encouraging owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats to their networks. It includes concrete milestones for them to put technologies into use so they can spot and respond to intrusions in real time. The Justice Department has also announced a new task force dedicated to countering ransomware attacks in which data is seized by hackers who demand payment from victims in order to release it.
Colonial Pipeline Co., founded in 1962, also had to suspend its pipeline in 2017 when Hurricane Harvey hit the Gulf Coast. The pipeline shut down for 11 days in September 2016 due to an underground leak and in November 2016 due to a deadly fire breaking out along a section of the pipeline in Alabama.