Third-party cybersecurity experts have been roped in to probe into the nature and scope of the attack
The US government on Sunday declared a regional emergency after the unanticipated shut down of the Colonial Pipeline driven by a major ransomware attack.
Last Friday, the holding company of the refined products pipeline system, reported that it had become a victim of a cyber attack with the incident involving ransomware.
As a result, the pipeline operator made some of its systems go offline to curb the threat. However, all the company’s pipeline operations were temporarily halted and some of its IT systems were impacted by the cyber attack.
The company said that it is actively in the process of restoring the IT systems.
Several states in the US were impacted due to the shutdown of the Colonial Pipeline.
The pipeline operator said that it had engaged third-party cybersecurity experts to launch a probe into the nature and scope of the attack.
Colonial Pipeline stated: “We have remained in contact with law enforcement and other federal agencies, including the Department of Energy who is leading the Federal Government response.”
The company added that currently, its highest priorities are maintaining the pipeline’s operational security and safely bring its systems back online.
During the weekend, the company’s personnel are said to have taken additional precautionary steps to help further monitor and protect the refined products pipeline system’s safety and security.
The company said that its operations team is developing a restart plan for the pipeline system, whose mainlines – Lines 1, 2, 3 and 4 remain suspended. Operations on certain smaller lateral lines laid between terminals and delivery points have been restored.
Colonial Pipeline said that it will resume full operations only after it is deemed to be safe, while fully complying with the approval of all federal regulators.
The 8,850km long pipeline can transport over three million barrels of diesel, gasoline, and jet fuel between the US Gulf Coast and the New York Harbor area.
The US government’s Cybersecurity and Infrastructure Security Agency (CISA) cybersecurity executive assistant director Eric Goldstein said: “We are engaged with the company and our interagency partners regarding the situation.
“This underscores the threat that ransomware poses to organisations regardless of size or sector. We encourage every organisation to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”