Colonial Pipeline Resumes Normal Operations After being hit by the Ransomware Attack
As the Colonial Pipeline system got hit by the cyberattack, several gasoline stations and terminals from Florida to New Jersey had started to run dry. More than 13,400 gas stations surveyed in the east and south by fuel tracking app GasBuddy were reported to be affected.
But since Saturday, the widespread gasoline shortages along the U.S. East Coast have begun to ease.
Colonial Pipeline shutdown, the most disruptive cyberattack on record, triggered widespread panic buying, leading to fuel shortage, but the systems are returning to normal operations now, delivering millions of gallons per hour to the markets.
After easing of “crazed” panic buying, the gasoline demand has dropped 12.6% from the previous week.
The pipeline outage also caused a spike in gasoline prices, which were already on the rise due to increasing crude oil prices. Places served by the Colonial pipeline saw the biggest price hike.
For the uninitiated, The Colonial Pipeline, which carries about 45% of the fuel consumed on the U.S. East Coast, had to cease operations last Friday after its infrastructure was crippled by a cyberattack carried out by a cybercriminal group known as DarkSide.
The company is now servicing all markets, including Alabama, Texas, Georgia, Mississippi, Louisiana, Delaware, Tennessee, South and North Carolina, Pennsylvania, Maryland, Virginia, D.C., and New Jersey, but there are still widespread fuel shortages in many of the markets.
Although things have returned to normal now, the disruption emphasizes the vulnerability of America’s fuel supply system and the alarming rise in the number of attacks on energy infrastructure in the past few years.
The Colonial Pipeline Company claims to have invested $1.1 billion in system integrity and preventive maintenance in the past five years alone, but there are still many vulnerabilities that need to be addressed.
A defence-in-depth posture containing multiple layers of protection and redundancies can help prevent such attacks to a great extent. Further, dividing networks into segments, particularly more exposed I.T. systems, is also important.
Several companies strictly enforce network segmentation, especially between I.T. and O.T., it is still unclear whether Colonial follows this safety guideline.
If we talk of the Colonial Pipeline hack, it would be too early to craft regulations in response to the hack as the details of the incident are still unknown. Adopting more flexible policies that allow companies to adapt to evolving threats is the possible solution that can help them avert such attacks down the line.