Ransomware Attack Shuts Down The Largest Fuel Pipeline In The U.S.

07/05/2021

Colonial Pipeline's network supplies fuel from U.S. refiners on the Gulf Coast to the populous eastern and southern parts of the U.S.

Transporting 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products, the system runs through company pipelines that span about 8,850 kilometers in length.

Distributing at least 45% of the whole East Coast fuel supply, Colonial Pipeline is considered the top U.S. fuel pipeline operator.

And this time, it halted all of its operations and network after cybercriminal groups held its data hostage.

The company said it had to shut down the pipeline itself as a precautionary act to contain the threat, fearing that the hackers might have obtained information that would enable them to attack susceptible parts of the pipeline.

As a result, the action temporarily halted operations and affected some of its IT systems, the company said.

Oil storage tanks owned by the Colonial Pipeline Company in Linden, New Jersey, U.S.

“Colonial Pipeline is taking steps to understand and resolve the issue,” the company said. “Our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation.”

And with that, the company also said it had contacted the law enforcement authorities and other federal agencies.

The FBI confirmed this, saying that it is involved in the investigation, alongside the U.S. Energy Department and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

In a statement a day later, the White House said that President Joe Biden had been briefed on the ransomware attack and its aftermath earlier in the day, and said that officials were working to “assess the implications of this incident, avoid disruption to supply and help the company restore pipeline operations as quickly as possible.”

It was reported that the officials and others in the fuel industry are moving swiftly to protect themselves.

At first, the officials said that they believed the attack was the act of a criminal group, rather than a nation seeking to disrupt critical infrastructure in the U.S.

Colonial Pipeline is a company based in Alpharetta, a city located in northern Fulton County, Georgia, U.S.

While it is owned by several American and foreign companies and investment firms, including Koch Industries and Royal Dutch Shell, the company is privately held.

This means Colonial is under less pressure than a publicly traded company to reveal details of the cyberattack.

But still, as one of the biggest pieces of infrastructure in the U.S., Colonial is bound to come under scrutiny over the quality of its protections and its transparency about how it responded to the attack.

People familiar with the matter said that although Colonial insisted that it became aware of the attack on May 7th, the event appeared to have happened over the span of several days.

Besides working with officials from the government, Colonial is also working with the private cybersecurity company FireEye, which has previously worked to respond to hacks that affected Sony Pictures Entertainment, energy facility breaches in the Middle East and a number of other events involving the federal government.

With the distribution of fuel disrupted, both gasoline and diesel futures on the New York Mercantile Exchange rose more than crude prices during the day. But longer-term price effects depend on the amount of time that the lines are shut.

Previously, Colonial had also shut down its gasoline and distillate lines during Hurricane Harvey, which hit the Gulf Coast in 2017.

During the course of the disruption, Gulf Coast gasoline prices rose to a five-year high, while diesel prices rose to around a four-year high.

It was later reported that the hackers were a group known as DarkSide. And according to a U.S. official, Colonial paid the $5 million ransom.