The nation is facing once in a generation choices about how energy ought to be delivered to homes, businesses and electric cars — decisions that could shape the course of climate change and determine how the United States copes with wildfires, heat waves and other extreme weather linked to global warming.
On one side, large electric utilities and President Biden want to build thousands of miles of power lines to move electricity created by distant wind turbines and solar farms to cities and suburbs. On the other, some environmental organizations and community groups are pushing for greater investment in rooftop solar panels, batteries and local wind turbines.
There is an intense policy struggle taking place in Washington and state capitals about the choices that lawmakers, energy businesses and individuals make in the next few years, which could lock in an energy system that lasts for decades. The divide between those who want more power lines and those calling for a more decentralized energy system has split the renewable energy industry and the environmental movement. And it has created partnerships of convenience between fossil fuel companies and local groups fighting power lines.
At issue is how quickly the country can move to cleaner energy and how much electricity rates will increase.
senators from both parties agreed to in June. That deal includes the creation of a Grid Development Authority to speed up approvals for transmission lines.
Most energy experts agree that the United States must improve its aging electric grids, especially after millions of Texans spent days freezing this winter when the state’s electricity system faltered.
“The choices we make today will set us on a path that, if history is a barometer, could last for 50 to 100 years,” said Amy Myers Jaffe, managing director of the Climate Policy Lab at Tufts University. “At stake is literally the health and economic well-being of every American.”
The option supported by Mr. Biden and some large energy companies would replace coal and natural gas power plants with large wind and solar farms hundreds of miles from cities, requiring lots of new power lines. Such integration would strengthen the control that the utility industry and Wall Street have over the grid.
batteries installed at homes, businesses and municipal buildings.
Those batteries kicked in up to 6 percent of the state grid’s power supply during the crisis, helping to make up for idled natural gas and nuclear power plants. Rooftop solar panels generated an additional 4 percent of the state’s electricity.
become more common in recent years.
Some environmentalists argue that greater use of rooftop solar and batteries is becoming more essential because of climate change.
After its gear ignited several large wildfires, Pacific Gas & Electric began shutting off power on hot and windy days to prevent fires. The company emerged from bankruptcy last year after amassing $30 billion in liabilities for wildfires caused by its equipment, including transmission lines.
Elizabeth Ellenburg, an 87-year-old cancer survivor in Napa, Calif., bought solar panels and a battery from Sunrun in 2019 to keep her refrigerator, oxygen equipment and appliances running during PG&E’s power shut-offs, a plan that she said has worked well.
“Usually, when PG&E goes out it’s not 24 hours — it’s days,” said Ms. Ellenburg, a retired nurse. “I need to have the ability to use medical equipment. To live in my own home, I needed power other than the power company.”
working to improve its equipment. “Our focus is to make both our distribution and transmission system more resilient and fireproof,” said Sumeet Singh, PG&E’s chief risk officer.
But spending on fire prevention by California utilities has raised electricity rates, and consumer groups say building more power lines will drive them even higher.
Average residential electricity rates nationally have increased by about 14 percent over the last decade even though average household energy use rose just over 1 percent.
2019 report by the National Renewable Energy Laboratory, a research arm of the Energy Department, found that greater use of rooftop solar can reduce the need for new transmission lines, displace expensive power plants and save the energy that is lost when electricity is moved long distances. The study also found that rooftop systems can put pressure on utilities to improve or expand neighborhood wires and equipment.
Texas was paralyzed for more than four days by a deep freeze that shut down power plants and disabled natural gas pipelines. People used cars and grills and even burned furniture to keep warm; at least 150 died.
One reason for the failure was that the state has kept the grid managed by the Electric Reliability Council of Texas largely disconnected from the rest of the country to avoid federal oversight. That prevented the state from importing power and makes Texas a case for the interconnected power system that Mr. Biden wants.
Consider Marfa, an artsy town in the Chihuahuan Desert. Residents struggled to stay warm as the ground was blanketed with snow and freezing rain. Yet 75 miles to the west, the lights were on in Van Horn, Texas. That town is served by El Paso Electric, a utility attached to the Western Electricity Coordinating Council, a grid that ties together 14 states, two Canadian provinces and a Mexican state.
$1.4 million, compared with about $1 million to Donald J. Trump, according to the Center for Responsive Politics.
In Washington, developers of large solar and wind projects are pushing for a more connected grid while utilities want more federal funding for new transmission lines. Advocates for rooftop solar panels and batteries are lobbying Congress for more federal incentives.
Separately, there are pitched battles going on in state capitals over how much utilities must pay homeowners for the electricity generated by rooftop solar panels. Utilities in California, Florida and elsewhere want lawmakers to reduce those rates. Homeowners with solar panels and renewable energy groups are fighting those efforts.
Building power lines is hard.
Despite Mr. Biden’s support, the utility industry could struggle to add power lines.
Many Americans resist transmission lines for aesthetic and environmental reasons. Powerful economic interests are also at play. In Maine, for instance, a campaign is underway to stop a 145-mile line that will bring hydroelectric power from Quebec to Massachusetts.
New England has phased out coal but still uses natural gas. Lawmakers are hoping to change that with the help of the $1 billion line, called the New England Clean Energy Connect.
This spring, workmen cleared trees and installed steel poles in the forests of western Maine. First proposed a decade ago, the project was supposed to cut through New Hampshire until the state rejected it. Federal and state regulators have signed off on the Maine route, which is sponsored by Central Maine Power and HydroQuebec.
But the project is mired in lawsuits, and Maine residents could block it through a November ballot measure.
set a record in May, and some scientists believe recent heat waves were made worse by climate change.
“Transmission projects take upward of 10 years from conception to completion,” said Douglas D. Giuffre, a power expert at IHS Markit. “So if we’re looking at decarbonization of the power sector by 2035, then this all needs to happen very rapidly.”
Shortly after 8 p.m. on May 25, 2020, Derek Chauvin, a Minneapolis police officer, placed his knee on George Floyd’s neck and kept it there for more than nine minutes. None of the three other officers standing near Chauvin intervened. Soon, Floyd was dead.
Initially, the police gave a misleading account of Floyd’s death, and the case might have received relatively little attention but for the video that Darnella Frazier, a 17-year-old, took with her phone. That video led to international outrage and, by some measures, the largest protest marches in U.S. history.
Today, one year after Floyd’s murder, we are going to look at the impact of the movement that his death inspired in four different areas.
30 states and dozens of large cities have created new rules limiting police tactics. Two common changes: banning neck restraints, like the kind Chauvin used; and requiring police officers to intervene when a fellow officer uses extreme force.
pledged to hire more diverse workforces.
wrote. “So companies and institutions stopped whining about supposedly bad pipelines and started looking beyond them.”
It’s still unclear how much has changed and how much of the corporate response was public relations.
3. Changes in public opinion
Initially, public sympathy for the Black Lives Matter movement soared. But as with most high-profile political subjects in the 21st-century U.S., opinion soon polarized along partisan lines.
Today, Republican voters are less sympathetic to Black Lives Matter than they were a year ago, the political scientists Jennifer Chudy and Hakeem Jefferson have shown. Support among Democrats remains higher than it was before Floyd’s death but is lower than immediately afterward.
There are a few broad areas of agreement. Most Americans say they have a high degree of trust in law enforcement — even more than did last June, FiveThirtyEight’s Alex Samuels notes. Most also disagree with calls to “defund” or abolish police departments. Yet most back changes to policing, such as banning chokeholds.
4. A crime surge, much debated
It’s clear that violent crime has risen over the past year. It’s not fully clear why.
Many liberals argue that the increase has little to do with the protest movement’s call for less aggressive policing. The best evidence on this side of the debate is that violent crime was already rising — including in Chicago, New York and Philadelphia — before the protests. This pattern suggests that other factors, like the pandemic and a surge of gun purchases, have played important roles.
Many conservatives believe that the crime spike is connected to the criticism of the police, and they point to different evidence. First, the crime increase accelerated last summer, after the protests began — and other high-income countries have not experienced similar increases. Second, this acceleration fits into a larger historical pattern: Crime also rose in Baltimore and Ferguson, Mo., after 2015 protests about police violence there, as Patrick Sharkey, a sociologist and crime scholar, notes.
Sharkey has told us. But that doesn’t mean that the pre-protest status quo was the right approach, he emphasizes. Brute-force policing “can reduce violence,” he said, in a Q. and A. with The Atlantic. “But it comes with these costs that don’t in the long run create safe, strong, or stable communities.”
Some reform advocates worry that rising crime will rebuild support for harsh police tactics and prison sentences. “Fear makes people revert to old ways of doing things,” Lopez said.
The big question
How can police officers both prevent crime and behave less violently, so that they kill fewer Americans while doing their jobs?
Some experts say that officers should focus on hot spots where most crimes occur. Others suggest training officers to de-escalate situations more often. Still others recommend taking away some responsibilities from the police — like traffic stops and mental-health interventions — to reduce the opportunities for violence.
So far, the changes do not seem to have affected the number of police killings. Through last weekend, police officers continued to kill about three Americans per day on average, virtually the same as before Floyd’s murder.
A timeline of the events of the past year.
President Biden will meet with members of Floyd’s family at the White House today. Follow updates here about the anniversary.
THE LATEST NEWS
125th anniversary, The Times Book Review is highlighting some noteworthy first mentions of famous writers. You can find the full list here. Some of our favorites:
F. Scott Fitzgerald: In 1916, Princeton admitted only men, and they would often play women’s roles in campus plays. The Times featured a photo of Fitzgerald in character, calling him “the most beautiful showgirl.”
in an article about a “Greek Games” competition among students at Barnard: “A messenger, Joan Roth, rushed in to say that Persephone still lived and a rejoicing group danced in. Eight tumblers did tricks before the crowd to distract the still disconsolate Demeter.” Highsmith was among the student acrobats.
Ralph Ellison: In 1950, two years before the publication of “Invisible Man,” Ellison reviewed a novel called “Stranger and Alone,” by J. Saunders Redding. Ellison wrote that Saunders “presents many aspects of Southern Negro middle-class life for the first time in fiction.”
John Updike: An acclaimed short-story writer who had yet to publish a novel, Updike appeared in an advice article in 1958, encouraging parents to teach their children complex words. “A long correct word is exciting for a child,” he said. “Makes them laugh; my daughter never says ‘rhinoceros’ without laughing.” — Sanam Yar, a Morning writer
PLAY, WATCH, EAT
What to Cook
Here’s today’s Mini Crossword, and a clue: Comedian Silverman (five letters).
If you’re in the mood to play more, find all our games here.
Thanks for spending part of your morning with The Times. See you tomorrow. — David
P.S. The first “Star Wars” movie premiered 44 years ago today. Vincent Canby’s Times review called it “the most elaborate, most expensive, most beautiful movie serial ever made.”
You can see today’s print front page here.
“The Daily” is about a student free speech case. On “Sway,” Eliot Higgins discusses Bellingcat’s journalism.
Lalena Fisher, Claire Moses, Tom Wright-Piersanti and Sanam Yar contributed to The Morning. You can reach the team at firstname.lastname@example.org.
Sign up here to get this newsletter in your inbox.
HOUSTON — When OPEC barred oil exports to the United States in 1973, creating long gasoline lines, President Richard Nixon pledged an effort that would combine the spirit of the Apollo program and the determination of the Manhattan Project.
“By the end of this decade, we will have developed the potential to meet our own energy needs without depending on any foreign energy sources,” he said in a televised address.
His timing was off — it took more than 40 years — but the country has come pretty close to energy independence in recent years thanks to a surge in domestic shale oil and natural gas production and the harnessing of solar and wind energy.
That independence, however, is fragile. Last week, cars lined up at gas stations across much of the Southeast after the Colonial Pipeline was paralyzed by a cyberattack by a criminal group seeking a ransom. The electric grid is also coming under greater stress because of climate change. In the last year, a heat wave in California and a deep freeze in Texas forced rolling blackouts as demand for power outstripped supply.
panic buying rarely seen in decades produced shortages, and prices at the pump rose as much as 20 cents a gallon for regular gasoline in some states in a few days, according to AAA.
Mr. Yergin said that drivers who lined up at pumps to fill gas cans and even plastic bags made the situation worse. The impulse to hoard harkened back to the oil shocks of the 1970s and appeared to touch a chord in the national psyche.
“People remembered gas lines even though they weren’t born yet,” Mr. Yergin said.
Colonial Pipeline, a private company, resumed full operations over the weekend, but it will take at least several more days before many gas stations are restocked.
Energy companies will come under greater pressure from governments and investors to bulk up their defenses against cyberattacks, but those and other vulnerabilities will not be easily overcome, especially after years of underinvestment.
Upgrading the energy system will not be easy. Dozens of competing companies that operate a vast web of oil and gas wells and pumping stations, transmission lines and power plants will need coaxing to make their operations more resilient to weather and criminal attacks. Considerable funding will have to come from business and government, as well as research to keep ahead of the cybercriminals. President Biden’s $2 trillion infrastructure plan devotes $100 billion to the transmission grid.
The quest for energy independence has never been a straight line, and there have been many unfortunate twists. Reliance on Middle East oil was a major consideration in military action and diplomatic strategy, including alliances with countries like Saudi Arabia with disturbing human rights records. A half-century ago, the country shifted from burning heating oil to relying more heavily on coal, which contributed to climate change.
But the search for energy independence also led to innovation. Fracking — the hydraulic fracturing of shale oil and natural gas deposits — not only slashed energy imports but also made the United States a major exporter. Suddenly oil and gas were not a national security vulnerability but a tool to further American interests.
nearly half of the transportation fuel needs of the region.
When hurricanes hit, and refineries on the Gulf shut down, gasoline and diesel prices tend to rise along the East Coast. Normally, that is not a huge problem because companies store lots of fuel close to where it is used and trucks and barges can usually make up the difference. This time, however, uncertainty about how long it would take to restore supplies made the Colonial Pipeline’s shutdown much more disruptive.
The ransomware attack was the work of DarkSide, an extortionist ring that has been responsible for scores of attacks on companies in several countries. But it is hardly the only group that infiltrates computer systems to extort money. Others go by names like REvil, Maze and LockBit.
“The technology moves so quickly, you solve one or two or twenty possible vulnerabilities in your computer systems and the hackers find a different way to get in.” said Drue Pearce, a former deputy administrator of the federal Pipeline Hazardous Materials Safety Administration.
The criminal groups represent a threat to industries beyond energy. But experts say energy is of particular concern because it is essential to a functioning economy. The peril is no less complex than reducing the United States’ reliance on foreign oil, said Bill Richardson, a former energy secretary.
“This is a new threat that we are not prepared for,” he said.
HOUSTON — The Colonial Pipeline, which delivers nearly half the transportation fuel to the Southeast and New York area, resumed full operations on Saturday, eight days after it was shut down by a ransomware attack.
It will still take days before gasoline stations around Washington, D.C., and the Southeast return to normal service, since nearly 2,000 outlets ran out of fuel and it takes time to restock.
Prices at the pump have stabilized, though. Average prices of regular gasoline in Tennessee and South Carolina, two of the hardest hit states, rose by only a penny on Saturday, according to the AAA motor club. Nationwide, gasoline prices remained stable at $3.04, eight cents higher than a week ago. Prices in the states most affected by the shutdown rose by as much as 20 cents a gallon in the last week.
“We have returned the system to normal operations, delivering millions of gallons per hour to the markets we serve,” the operator of the pipeline said on Twitter.
nearly $5 million in Bitcoin to recover its stolen data.
On Friday, DarkSide said it was shutting down because of unspecified “pressure” from the United States.
For years, government officials and industry executives have run elaborate simulations of a targeted cyberattack on the power grid or gas pipelines in the United States, imagining how the country would respond.
But when the real, this-is-not-a-drill moment arrived, it didn’t look anything like the war games.
The attacker was not a terror group or a hostile state like Russia, China or Iran, as had been assumed in the simulations. It was a criminal extortion ring. The goal was not to disrupt the economy by taking a pipeline offline but to hold corporate data for ransom.
The most visible effects — long lines of nervous motorists at gas stations — stemmed not from a government response but from a decision by the victim, Colonial Pipeline, which controls nearly half the gasoline, jet fuel and diesel flowing along the East Coast, to turn off the spigot. It did so out of concern that the malware that had infected its back-office functions could make it difficult to bill for fuel delivered along the pipeline or even spread into the pipeline’s operating system.
What happened next was a vivid example of the difference between tabletop simulations and the cascade of consequences that can follow even a relatively unsophisticated attack. The aftereffects of the episode are still playing out, but some of the lessons are already clear, and demonstrate how far the government and private industry have to go in preventing and dealing with cyberattacks and in creating rapid backup systems for when critical infrastructure goes down.
nearly $5 million in digital currency to recover its data, the company found that the process of decrypting its data and turning the pipeline back on again was agonizingly slow, meaning it will still be days before the East Coast gets back to normal.
seeks to mandate changes in cybersecurity.
And he suggested that he was willing to take steps that the Obama administration hesitated to take during the 2016 election hacks — direct action to strike back at the attackers.
“We’re also going to pursue a measure to disrupt their ability to operate,” Mr. Biden said, a line that seemed to hint that United States Cyber Command, the military’s cyberwarfare force, was being authorized to kick DarkSide off line, much as it did to another ransomware group in the fall ahead of the presidential election.
Hours later, the group’s internet sites went dark. By early Friday, DarkSide, and several other ransomware groups, including Babuk, which has hacked Washington D.C.’s police department, announced they were getting out of the game.
Darkside alluded to disruptive action by an unspecified law enforcement agency, though it was not clear if that was the result of U.S. action or pressure from Russia ahead of Mr. Biden’s expected summit with President Vladimir V. Putin. And going quiet might simply have reflected a decision by the ransomware gang to frustrate retaliation efforts by shutting down its operations, perhaps temporarily.
The Pentagon’s Cyber Command referred questions to the National Security Council, which declined to comment.
The episode underscored the emergence of a new “blended threat,” one that may come from cybercriminals, but is often tolerated, and sometimes encouraged, by a nation that sees the attacks as serving its interests.That is why Mr. Biden singled out Russia — not as the culprit, but as the nation that harbors more ransomware groups than any other country.
“We do not believe the Russian government was involved in this attack, but we do have strong reason to believe the criminals who did this attack are living in Russia,” Mr. Biden said. “We have been in direct communication with Moscow about the imperative for responsible countries to take action against these ransomware networks.”
With Darkside’s systems down, it is unclear how Mr. Biden’s administration would retaliate further, beyond possible indictments and sanctions, which have not deterred Russian cybercriminals before. Striking back with a cyberattack also carries its own risks of escalation.
The administration also has to reckon with the fact that so much of America’s critical infrastructure is owned and operated by the private sector and remains ripe for attack.
“This attack has exposed just how poor our resilience is,” said Kiersten E. Todt, the managing director of the nonprofit Cyber Readiness Institute. “We are overthinking the threat, when we’re still not doing the bare basics to secure our critical infrastructure.”
The good news, some officials said, was that Americans got a wake-up call. Congress came face-to-face with the reality that the federal government lacks the authority to require the companies that control more than 80 percent of the nation’s critical infrastructure adopt minimal levels of cybersecurity.
The bad news, they said, was that American adversaries — not only superpowers but terrorists and cybercriminals — learned just how little it takes to incite chaos across a large part of the country, even if they do not break into the core of the electric grid, or the operational control systems that move gasoline, water and propane around the country.
Something as basic as a well-designed ransomware attack may easily do the trick, while offering plausible deniability to states like Russia, China and Iran that often tap outsiders for sensitive cyberoperations.
It remains a mystery how Darkside first broke into Colonial’s business network. The privately held company has said virtually nothing about how the attack unfolded, at least in public. It waited four days before having any substantive discussions with the administration, an eternity during a cyberattack.
Cybersecurity experts also note that Colonial Pipeline would never have had to shut down its pipeline if it had more confidence in the separation between its business network and pipeline operations.
“There should absolutely be separation between data management and the actual operational technology,” Ms. Todt said. “Not doing the basics is frankly inexcusable for a company that carries 45 percent of gas to the East Coast.”
Other pipeline operators in the United States deploy advanced firewalls between their data and their operations that only allow data to flow one direction, out of the pipeline, and would prevent a ransomware attack from spreading in.
Colonial Pipeline has not said whether it deployed that level of security on its pipeline. Industry analysts say many critical infrastructure operators say installing such unidirectional gateways along a 5,500-mile pipeline can be complicated or prohibitively expensive. Others say the cost to deploy those safeguards are still cheaper than the losses from potential downtime.
Deterring ransomware criminals, which have been growing in number and brazenness over the past few years, will certainly be more difficult than deterring nations. But this week made the urgency clear.
“It’s all fun and games when we are stealing each other’s money,” said Sue Gordon, a former principal deputy director of national intelligence, and a longtime C.I.A. analyst with a specialty in cyberissues, said at a conference held by The Cipher Brief, an online intelligence newsletter. “When we are messing with a society’s ability to operate, we can’t tolerate it.”
Since the DarkSide account was opened in March, Elliptic said, it had received $17.5 million from 21 Bitcoin wallets, indicating the number of ransoms it had collected just this spring. Cybersecurity analysts assess that the group has been active since at least August, and has most likely used a number of different Bitcoin wallets to receive ransoms.
The intense scrutiny that followed the Colonial Pipeline attack has clearly unsettled ransomware groups. This week, the operators behind two major Russian-language ransomware platforms, REvil and Avaddon, announced strict new rules governing the use of their products, including bans on targeting government-affiliated entities, hospitals or educational institutions.
The administrator of XSS, a popular Russian-language cybercrime forum, announced an immediate ban on all ransomware activity on the forum, citing, among other things, the bad press associated with the industry. In a statement posted in the forum, the administrator called the attention a “critical mass of harm, nonsense, hype and noise,” saying even the spokesman for President Vladimir V. Putin of Russia had weighed in on the Colonial Pipe attack. (The spokesman, Dmitri S. Peskov, denied that the Kremlin had been involved in the attack on the pipeline.)
“The word ransom has become associated with a whole series of unpleasant things — geopolitics, blackmail, government cyberattacks,” the XSS administrator wrote. “This word has become dangerous and toxic.”
Even if DarkSide has shut down, the threat from ransomware has not passed. Cybercriminal networks often disband, regroup and rebrand themselves in an effort to throw off law enforcement, cybersecurity experts say.
“It’s likely that these ransomware operators are trying to retreat from the spotlight more than suddenly discovering the error of their ways,” said Mark Arena, Intel 471’s chief executive. “A number of the operators will most likely continue to operate in their own close-knit groups, resurfacing under different aliases and ransomware names.”
Indeed, DarkSide gave no indication that its members were getting out of the ransomware business or even letting victims currently infected with the group’s malware off the hook. In its statement, DarkSide said it would hand over its decryption tools to affiliates, giving these intermediaries, who were responsible for infecting computer systems with the group’s malicious software, the ability to negotiate ransoms with victims directly.
“You will be given decryption tools for all the companies that haven’t paid yet,” the statement read. “After that, you will be free to communicate with them wherever you want in any way you want.”
In a separate ransomware attack on the Washington, D.C., Metropolitan Police Department, hackers said the price the police offered to pay was “too small” and dumped 250 gigabytes of the department’s data online this week, including databases that track gang members.
In his remarks on Thursday, Mr. Biden seized on the Colonial Pipeline hack as further proof that the United States needed to improve its critical infrastructure, and he urged lawmakers to back his $2.3 trillion proposal to rebuild roads, bridges, pipelines and other projects.
Republicans have balked at the size of Mr. Biden’s proposals, accusing the president of wanting to raise taxes to pay for things that they do not consider infrastructure, like programs for home health aides. Mr. Biden has proposed to increase taxes on wealthy people and corporations to pay for his spending, but has said he is open to other ideas.
“I’m willing to negotiate, as I indicated yesterday to the House members and to the leadership,” Mr. Biden said. “But it’s clearer than ever that doing nothing is not an option.”
Gasoline prices rose by roughly 3 cents in South Carolina and Georgia from Wednesday to Thursday, about half the amount of the increases of the previous few days. But prices in Tennessee, which depends on an offshoot of the pipeline, rose by 6 cents, to $2.87 for a gallon of regular. Nationwide, the average price for a gallon of regular increased by 2 cents, to $3.03, according to the AAA auto club.
Gasoline supplies vary from state to state along the pipeline, in part because some places have more storage than others. In New Jersey, only 1 percent of gasoline stations lacked fuel early Thursday morning, while more than half of the stations in Virginia, North Carolina and South Carolina were out of fuel, according to GasBuddy, an app that monitors fuel supplies. Friday is traditionally the biggest day for gasoline sales.
It is likely to take at least through the weekend for supply at all gasoline stations to return to normal functioning because it takes time for fuel to pass through the pipeline.
Colonial Pipeline paid its extortionists roughly 75 Bitcoin, or nearly $5 million, to recover its stolen data, according to people briefed on the transaction.
The payment came after cybercriminals last week held up Colonial Pipeline’s business networks with ransomware, a form of malware that encrypts data until the victim pays, and threatened to release it online. Colonial Pipeline pre-emptively shut down its pipeline operations to keep the ransomware from spreading and because it had no way to bill customers with its business and accounting networks offline.
The shutdown of the company’s network, which includes 5,500 miles of pipeline that supplies nearly half the gas, diesel and jet fuel to the East Coast, triggered a cascading crisis that led to emergency meetings at the White House, a jump in gas prices, panic buying at the gas pumps, and forced some airlines to make fuel stops on long-haul flights.
The ransom payment was first reported by Bloomberg. A spokeswoman for Colonial declined to confirm or deny that the company had paid a ransom.
first reported that Colonial had shut down its pipeline partly because its billing systems were taken offline and it had no way to charge customers.
Many organizations across the United States, including police departments, have opted to pay their ransomware extortionists rather than suffer the loss of critical data or incur the costs of rebuilding computer systems from scratch.
In a separate ransomware attack on the Washington, D.C., Metropolitan Police Department, hackers said the price the police offered to pay was “too small” and dumped 250 gigabytes of the department’s data online this week, including databases that track gang members and social media preservation requests.
“This is an indicator of why we should pay,” the cybercriminals, called Babuk, said in a post online. “The police also wanted to pay us, but the amount turned out to be too small. Look at this wall of shame,” they wrote, “you have every chance of not getting there. Just pay us!”
Gasoline prices continued to rise across the Southeast on Thursday, but at a slower pace generally than in recent days, as the operator of Colonial Pipeline said it had made “substantial progress” in resuming the delivery of fuel along the East Coast.
“Product delivery has commenced to all markets we serve,” the pipeline’s operator said Thursday afternoon. “It will take several days for the product delivery supply chain to return to normal. Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions.”
The pipeline, which stretches from Texas to New Jersey and delivers nearly half of the transport fuels for the Atlantic Coast, was shut down because of a ransomware cyberattack on Friday. Operations have gathered momentum since the pipeline partially restarted late Wednesday.
Gasoline prices rose by roughly 3 cents in South Carolina and Georgia from Wednesday to Thursday, about half the amount of the increases of the previous few days. But prices in Tennessee, which depends on an offshoot of the pipeline, rose by 6 cents, to $2.87 for a gallon of regular. Nationwide, the average price for a gallon of regular increased by 2 cents to $3.03, according to the AAA auto club.
Gasoline supplies vary from state to state along the pipeline, in part because some places have more storage than others. In New Jersey, only 1 percent of gasoline stations lacked fuel early Thursday morning, while more than half of the stations in Virginia, North Carolina and South Carolina were out of fuel, according to GasBuddy, an app that monitors fuel supplies.
It is likely to take at least through the weekend for supply at all gasoline stations to return to normal functioning, because it takes time for fuel to pass through the pipeline.
President Biden, speaking on national television, urged motorists not to panic.
“They should be reaching full operational capacity as we speak, as I speak to you right now,” Mr. Biden said at the White House. “That is good news. But we want to be clear, we will not feel the effects at the pump immediately. This is not like flicking on a light switch.”
An internal assessment by the Departments of Energy and Homeland Security noted that the fuel “travels through the pipeline at 5 miles per hour” and would take “approximately two weeks to travel from the Gulf Coast to New York.” Supplemental supplies transported in tanker trucks and tanker vessels connecting the Gulf and Atlantic coasts also can take up to a week or more.
The Biden administration has temporarily eased the Jones Act, which prohibits foreign vessels from delivering goods from one domestic port to another. The administration said Thursday that a waiver had been granted to one company and that it would consider other waiver requests.
“This waiver will enable the transport of additional gas and jet fuel to ease supply constraints,” Jen Psaki, the White House press secretary, said in a statement. The Jones Act, which is over a century old and is designed to protect American shipping, is usually waived to compensate for supply interruptions during hurricanes.
Panic buying contributed to the fuel shortages. At some stations, people were filling up gasoline cans, forcing others to wait longer and causing shouting matches.
Friday is traditionally the biggest day for gasoline sales. But energy analysts were optimistic that the crisis would soon pass.
“The restart of the pipeline is very positive news for motorists,” said Jeanette McGee, the director for external communications for AAA. “While impact won’t be seen immediately and motorists in affected areas can expect to see a few more days of limited fuel supply, relief is coming.”
She said station pumps will be full in “several days,” ahead of the Memorial Day weekend, a heavy driving time.
The Federal Bureau of Investigation has identified an organized crime group called DarkSide as the attacker. The group is believed to operate from Eastern Europe, possibly Russia. While the attack was not on the pipeline itself, Colonial shut down both its information systems and the pipeline until it was sure it could safely manage the flow of fuel.
David E. Sanger and Michael D. Shear contributed reporting.
WASHINGTON — As the East Coast suffered from the effects of a ransomware attack on a major petroleum pipeline, President Biden signed an executive order on Wednesday that placed strict new standards on the cybersecurity of any software sold to the federal government.
The move is part of a broad effort to strengthen the United States’ defenses by encouraging private companies to practice better cybersecurity or risk being locked out of federal contracts. But the bigger effect may arise from what could, over time, become akin to a government rating of the security of software products, much the way automobiles get a safety rating or restaurants in New York get a health safety grade.
The order comes amid a wave of new cyberattacks, more sophisticated and far-reaching than ever before. Over the past year, roughly 2,400 ransomware attacks have hit corporate, local and federal offices in extortion plots that lock up victims’ data — or publish it — unless they pay a ransom.
The most urgent fear is an attack on critical infrastructure, a point made clear this week to Americans, who were panic-buying gasoline. A ransomware attack on Colonial Pipeline’s information systems forced the company to shut down a critical pipeline that supplies 45 percent of the East Coast’s gasoline, diesel and jet fuel for several days.
SolarWinds hack, in which Russia’s premier intelligence agency altered the computer code of an American company’s network management software. It gave Russia broad access to 18,000 agencies, organizations and companies, mostly in the United States.
The new order also requires all federal agencies to encrypt data, whether it is in storage or while it is being transmitted — two very different challenges. When China stole 21.5 million files about federal employees and contractors holding security clearances, none of the files were encrypted, meaning they could be easily read. (Chinese hackers, investigators later concluded, encrypted the files themselves — to avoid being detected as they sent the sensitive records back to Beijing.)
Previous efforts to mandate minimum standards on software have failed to get through Congress, notably in a major showdown nine years ago. Small businesses have said the changes are not affordable, and larger ones have opposed an intrusive role of the federal government inside their systems.
But Mr. Biden decided it was more important to move quickly than to try to fight for broader mandates on Capitol Hill. His aides said it was a first step, and industry officials said it was bolder than they expected.
Amit Yoran, the chief executive of Tenable and a former cybersecurity official in the Department of Homeland Security, said the question on everyone’s mind was whether Mr. Biden’s order would stop the next Colonial or SolarWinds attacks.
“No one policy, government initiative or technology can do that,” Mr. Yoran said. “But this is a great start.”
Government officials have complained that Colonial had poor defenses, and while it established a hard shell around its computer networks, it had no way of monitoring an adversary who got inside. The Biden administration hopes the standards set out in the executive order, requiring multifactor authentication and other safeguards, will become widespread and improve security globally.
Senator Mark Warner, Democrat of Virginia and the chairman of the Senate Intelligence Committee, praised the order but said it would need to be followed by congressional action.
Mr. Warner said recent attacks “have highlighted what has become increasingly obvious in recent years: that the United States is simply not prepared to fend off state-sponsored or even criminal hackers intent on compromising our systems for profit or espionage.”
The new order is the first major public part of a multilayered review of defensive, offensive and legal strategies to take on adversaries around the world. This executive order, however, focuses entirely on deepening defenses, in hopes of deterring attackers because they fear they would fail — or run a higher risk of being detected.
The Justice Department is ramping up a new task force to take on ransomware, after the discovery in recent months that such attacks are more than just extortion, they can bring down sectors of the economy.
Mr. Biden announced sanctions against Russia for the SolarWinds hack, and his national security adviser, Jake Sullivan, has said there will also be “unseen” consequences. So far, the United States has not taken similar action against China’s government for its presumed involvement in another attack, exploiting holes in a Microsoft system used by large companies around the world.
The executive order was first drafted in February in response to the SolarWinds intrusion. That attack was especially sophisticated because hackers working for the Russian government managed to change code under development by the company, which unsuspectingly distributed the malware in an update to its software packages. It was discovered during Mr. Biden’s transition and led him to declare he could not trust the integrity of federal computer systems.
The review board created under the executive order will be co-led by the secretary of homeland security and a private-sector official, based on the specific episode it is investigating at the time, in an effort to win over industry executives who fear the investigations could be fodder for lawsuits.
Because it was created by an executive order, not an act of Congress, the new board will not have the same broad powers as a safety board. But officials are still hopeful it will be valuable in learning of vulnerabilities, improving security practices and urging companies to invest more in improving their networks.
Much of the executive order is focused on information sharing and transparency. It aims to speed the time companies that have been victimized by a hack or discover vulnerabilities share that information with the Cybersecurity and Infrastructure Security Agency.