Colonial Pipeline will restart operations on Wednesday evening, U.S. Energy Secretary Jennifer Granholm said, after a cyber attack forced the company to shut down the nation’s largest fuel pipeline for nearly a week.
“We just got off the phone with #ColonialPipeline CEO. They are restarting pipeline operations today at ~5pm,” Granholm wrote in a post on Twitter.
We just got off the phone with #ColonialPipeline CEO. They are restarting pipeline operations today at ~5pm. More soon.
— Secretary Jennifer Granholm (@SecGranholm) May 12, 2021
Colonial Pipeline does not plan to pay the ransom demanded by hackers who have encrypted its data, according to sources familiar with the company’s response on Wednesday.
Stop the censors, sign up to get today’s top stories delivered right to your inbox
Colonial declined to comment.
The hack prompted a pipeline shutdown that is now in its sixth day and has led to panic buying and gasoline shortages in the southeastern United States.
Colonial Pipeline is working closely with law enforcement and U.S. cybersecurity firm FireEye to mitigate the damage and restore operations.
The Colonial and government answer to the breach is being closely watched after one of the most direct hacking attacks on American critical infrastructure after years of warnings.
Ransomware attacks have increased in recent years, with hackers encrypting data and demanding payment in cryptocurrency to unlock it. They increasingly release stolen data as well, or threaten to unless they are paid more.
Investigators in the Colonial case say the attack software was distributed by a gang called DarkSide, which includes Russian speakers and avoids hacking targets in the former Soviet Union.
In four months, we’ve gone from energy independence to lines to get gas.
— Rep. Jim Jordan (@Jim_Jordan) May 12, 2021
Officials so far have found no significant connection to the Russian government, instead concluding that the pipeline company delivering 45% of the U.S. East Coast’s oil was crippled by an ordinary ransomware attack.
DarkSide lets “affiliates” hack into targets elsewhere, then handles the ransom negotiation and data release. Two people involved with the Colonial investigation said the affiliate in this case was a Russian criminal with no special government ties.
Reuters contributed to this report.
ARTICLE SOURCE : thefederalistpapers.org