A cyberattack forced the shutdown of one of the largest pipelines in the United States, in what appeared to be a significant attempt to disrupt vulnerable energy infrastructure. The pipeline carries refined gasoline and jet fuel up the East Coast from Texas to New York.
The operator of the system, Colonial Pipeline, said in a statement late Friday that it had shut down its 5,500 miles of pipeline, which it says carries 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach on its computer networks. Earlier Friday, there were disruptions along the pipeline, but it was unclear whether that was a direct result of the attack, or the company’s moves to proactively halt it.
Colonial Pipeline has not indicated whether its systems were hit by ransomware, in which hackers hold a victim’s data hostage until it pays a ransom, or whether it was another form of cyberattack. But the shutdown of such a vital pipeline, one that has been serving the East Coast since the early 1960s, highlights the huge vulnerability of aging infrastructure that has been connected, directly or indirectly, to the internet.
In coming weeks the administration is expected to issue a broad-ranging executive order to bolster security of federal and private systems, after two major attacks from Russia and China in recent months caught American intelligence agencies and companies by surprise.
the SolarWinds intrusion by Russia’s main intelligence service, and another against some types of Microsoft-designed systems that has been attributed to Chinese hackers — underscored the vulnerability of the networks on which the government and corporations rely.
announced sanctions against Russia last month for SolarWinds, and is expected to issue an executive order in the coming days that would take steps to secure critical infrastructure, including requiring enhanced security for vendors providing services to the federal government.
The United States has long warned that Russia has implanted malicious code in the electric utility networks, and the United States responded several years ago by putting similar code into the Russian grid.
But actual attacks on energy systems are rare. About a decade ago, Iran was blamed for an attack on the computer systems of Saudi Aramco, one of the world’s largest oil producers, which destroyed 30,000 computers. That attack, which appeared to be in response to the American-Israeli attack on Iran’s nuclear centrifuges, did not affect operations.
Another attack on a Saudi petrochemical plant in 2017 nearly set off a major industrial disaster. But it was shut down quickly, and investigators later attributed it to Russian hackers. This year, someone briefly took control of a water treatment plant in a small Florida city, in what appeared to be an effort to poison the supply, but the attempt was quickly halted.
Clifford Krauss and Nicole Perlroth contributed reporting.