Major US pipeline network shuts after ‘cybersecurity attack’

A major pipeline operator in the United States has been forced to shut its entire network after a cyber attack, the company said.

Colonial Pipeline said in a statement late on Friday that it was the victim of “a cybersecurity attack”.

“In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems,” it said.

Colonial’s network supplies fuel from US refiners on the Gulf Coast to the populous eastern and southern United States.

The company transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 8,850km (5,500 miles) of pipelines.

Colonial Pipeline says it transports 45 percent of the east coast fuel supply.

“The fact that this attack compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated or the systems were not well secured,” said Mike Chapple, a professor at the University of Notre Dame’s Mendoza College of Business and a former computer scientist with the US National Security Agency.

This 2016 file photo shows cars near Colonial Pipeline in Helena, Alabama [File: Brynn Anderson/AP Photo]

“This pipeline shutdown sends the message that core elements of our national infrastructure continue to be vulnerable to cyberattack,” Chapple told the Reuters news agency.

In its statement, the company said it had hired a private security firm to investigate the hack and contacted law enforcement and US federal authorities.

“At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway,” it said.

The US was rocked in recent months by news of two major cybersecurity breaches.

The massive SolarWinds hack compromised thousands of US government and private-sector computer networks and was officially blamed on Russia; while another hack targeted Microsoft email servers.

The latter is believed to have affected at least 30,000 US organisations including local governments and was attributed to an aggressive Chinese cyber-espionage campaign.

Both breaches appeared to be aimed at stealing emails and data but they also created “back doors” that could allow attacks on physical infrastructure, The New York Times reported.

Article source: