The US capital was running out of gasoline yesterday, even as the country’s largest fuel pipeline network ramped up deliveries following a cyber-attack and Washington officials assured motorists that supplies would be returning to normal soon.
The six-day Colonial Pipeline shutdown was the most disruptive cyber-attack on record, demonstrating how vulnerable vital US infrastructure is to cyber-criminals.
Widespread panic-buying continued two days after pipeline network restarted, leaving filling stations across the US Southeast out of gas even in areas far from the pipeline.
With more Americans taking road trips as pandemic restrictions ease, pump prices are at their highest in years, two weeks before the peak summer driving season kicks off.
The average national gasoline price has climbed to almost $3.04, the most expensive since October 2014, the American Automobile Association said.
Yesterday gas station outages in Washington, DC, climbed to 87%, from 79% the day before, tracking firm GasBuddy said.
President Joe Biden has assured motorists that supplies should start returning to normal by this weekend.
“Most of these states/areas with outages have continued to see panicked buying, which is likely a contributing factor to the slow-ish recovery thus far,” said GasBuddy’s Patrick De Haan. “It will take a few weeks.”
Colonial Pipeline announced late on Thursday that it had restarted its entire pipeline system linking refineries on the Gulf Coast to markets along the eastern seaboard.
Some states experienced modest improvements but still had a lot of gasoline outages.
About 70% of gas stations in North Carolina were without fuel, with outages in around 50% of stations in Virginia, South Carolina and Georgia.
In Washington, DC, Dennis Li was stuck yesterday at a Sunoco gas station that was out of fuel.
He had tried to find gas at four stations during the day, but had no luck.
“I’m running on empty to the point where I don’t want to drive anymore,” said Li, who is from Annapolis, Maryland. “I cancelled my plans for today and this weekend because I didn’t realise shortages were so severe.”
The hacking group blamed for the attack, DarkSide, said it had hacked four other companies including a Toshiba subsidiary in Germany.
Colonial Pipeline has not determined how the initial breach occurred, a spokeswoman said on Thursday.
The privately-held company has focused on cleaning its networks, restoring data and reopening the pipeline.
Colonial has not disclosed how much money the hackers were seeking or whether it paid.
Bloomberg News reported that it paid nearly $5mn to the hackers.
To speed delivery of fuel supplies, four states and federal regulators relaxed restrictions on fuel truck drivers, and Washington issued shipping waivers allowing US refiners Valero Energy Corp and Citgo Petroleum to use foreign-flagged vessels to move gasoline and diesel from the US Gulf Coast to East Coast ports.
Yesterday Congressional committee members reintroduced legislation to support efforts by the Department of Homeland Security (DHS) to secure pipelines and pipeline facilities from cyber-attacks.
Gulf Coast refiners that send fuel to market through the Colonial Pipeline have cut production because they have been unable to move gasoline, diesel and jet fuel through the pipeline.
A smaller, alternative pipeline filled to capacity quickly after Colonial shut its network last Friday.
“Imports are likely to increase from Europe to offset the shortfall but will take time to arrive,” said Chris Midgley at S&P Global Platts.


Servers of Colonial Pipeline hacker Darkside forced down: security firm

Servers for Darkside were taken down by unknown actors yesterday, a week after the cyber-extortionist forced the shutdown of a large US oil pipeline in a ransomware scam, a US cyber-security firm said.
Recorded Future, the security firm, said in a post that the allegedly Russia-based Darkside had admitted in a Web post that it lost access to certain servers used for its Web blog and for payments.
Accessed via TOR on the Dark Web, the Darkside site address showed a notice saying that it could not be found.
Recorded Future threat intelligence analyst Dmitry Smilyanets said he found a Russian language comment on a ransomware website ostensibly from “Darksupp”, described as the operator of Darkside.
“A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. DOS servers,” Darksupp wrote.
“The Darkside operator also reported that cryptocurrency funds were also withdrawn from the gang’s payment server, which was hosting ransom payments made by victims,” said Recorded Future.
While there was no evidence of who might have forced down Darkside’s website, the twitter account of a US military cyber-warfare group, the 780th Military Intelligence Brigade, retweeted the Recorded Future report yesterday.
Darkside, which only surfaced online late last year, was behind the attack on Colonial Pipeline that forced the shutdown of its network shipping gasoline, diesel and aviation fuel across much of the eastern half of the United States. – AFP
Related Story