A ransomware attack by a shadowy online criminal group knocked out a major U.S. fuel pipeline over the weekend, causing the price of gasoline futures to inch higher on Monday.
Update 7:14 a.m. May 11: The FBI confirmed DarkSide is the group responsible for bringing down the Colonial Pipeline. At the same time, the White House is keeping an eye on potential fuel supply shortages in parts of the Southeast, The Associated Press reported.
DarkSide is made up of Russian speakers and the malware was created to not attack networks that use Russian-language keyboards, the AP reported. It has been watched by the FBI for months, the White House deputy national security adviser for cyber and emergency technology said. Anne Neuberger said the group demands ransom from victims then splits the money with the programmers.
Neuberger would not confirm if Colonial Pipeline paid a ransom and the company did not confirm nor deny if it had.
Update 12:49 p.m. May 10: Colonial Pipeline said Monday that it expects to have the pipeline flowing again by the end of the week.
Original report: DarkSide, a gang that creates a Robin Hood image by stealing from corporations and giving a portion to charity, carried out a cyberextortion attempt Friday, forcing Georgia-based Colonial Pipeline to shut down its operations, The Associated Press reported.
The pipeline carries 2.5 million gallons daily, about 45%, of the fuel used on the East Coast, the company said.
Futures rose 1.5% Monday, the largest movement in about a week, as the potential disruptions to fuel delivery are still unknown. Futures, the prices traders pay on contracts for delivery at some later date, typically rise and fall. The increases usually coincide with the driving season, and forecast rising prices at the pump. In the last two weeks, the average price of regular grade gasoline has increased six cents to $3.02. The price of gasoline is significantly higher than a year ago, when the nation was in lockdown because of the coronavirus pandemic.
In an effort to avoid disruptions in fuel supply, on Sunday the Department of Transportation lifted some hours-of-service regulations for drivers carrying gasoline, diesel, jet fuel or other refined petroleum products, allowing them to work extra or flexible hours.
Colonial Pipeline said Saturday it was hit by a ransomware attack and shut down operations Friday to investigate. On Sunday, the company had developed a “system restart” and while the main pipeline was still offline, smaller ones were starting to flow.
“We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” the company said in a statement.
DarkSide, the group believed to be responsible, claims not to attack hospitals or nursing homes, educational facilities or government entities. The group has been active since August. It has neither announced the attack or posted about it, The Associated Press reported.
The Associated Press contributed to this report.