Cyberattack Shuts Down Major US Fuel Pipeline
A major U.S. fuel pipeline remains largely shut down Monday after a cyberattack caused service to be suspended.
The incident, reported Friday, led to the shutdown of a main fuel line operated by Colonial Pipeline, a company based in Georgia. The pipeline carries gasoline and other fuel from Texas to the U.S. Northeast. The company says it supplies about 45 percent of all the fuel used on the U.S. East Coast.
Some are considering the cyberattack the most damaging so far against important U.S. infrastructure.
Colonial said Monday it hopes to have most of its fuel transportation system running again by the end of the week. The company is in the process of restarting its network, which transports over 2.5 million barrels of gasoline, diesel and jet fuel each day.
The company says it was hit by a ransomware attack. In such attacks, online attackers infect the computer systems of organizations and hijack information in a way that leaves it unreadable. The attacker then demands payment in exchange for returning the information to a readable state.
Law enforcement agencies are investigating the incident. The Federal Bureau of Investigation (FBI) said Monday the attack was carried out by a criminal group known as DarkSide.
A news release issued Monday in the name of DarkSide stated its purpose, but did not name Colonial Pipeline, Reuters news agency reported. "Our goal is to make money, and not creating problems for society," the group said.
Cybersecurity experts who have studied DarkSide say the group appears to be made up of experienced cybercriminals who aim to get as much money as they can from their targets. "They're very new but they're very organized," said Lior Div, chief of Cybereason, a security company based in Boston.
DarkSide claims it does not attack hospitals, nursing homes or educational or government targets. It says it donates part of the money it receives to charity. Like most other major ransomware groups, it is known to avoid targeting organizations in former Soviet bloc nations. This suggests a link to former Soviet republics.
The administration of President Joe Biden said it has made restarting the fuel network a top goal. The administration said it is working with several agencies on plans to avoid severe fuel disruptions.
If a shutdown continues, fuel suppliers would need to use trucks and trains to transport fuel. The Department of Transportation announced emergency measures Sunday to keep deliveries moving. The agency lifted driver restrictions on fuel transporters in 17 states affected by the shutdown.
Experts said gasoline prices are not likely to be affected if the pipeline is able to restart operations in the next few days. But they said the incident should raise awareness of the serious threats companies can face.
David Kennedy established TrustedSec, a company that helps organizations prepare for and fight cyberattacks. He told the AP that once a ransomware attack is discovered, companies have few choices. They can either completely rebuild their infrastructure or pay the amount of money being demanded.
"Ransomware is absolutely out of control and one of the biggest threats we face as a nation," Kennedy said. "The problem we face is most companies are grossly underprepared to face these threats."
I'm Bryan Lynn.
1. in the process of 在…的过程中；正在做；
They were in the process of resolving all the unsettled issues.
2. in exchange for 作为交换；
It is illegal for public officials to solicit gifts or money in exchange for favors.
3. in the name of 代表；以…的名义；
We have a reservation in the name of Grant.
4. be made up of 组成；构成；
The entire universe is made up of different kinds of matter.
媒体上周五报道称，这起事件导致佐治亚州殖民管道公司运营的一条主要燃油管道关闭 。这条管道将汽油和其他燃料从得克萨斯州运往美国东北部地区 。该公司表示，该管道提供的燃料占美国东海岸供应量的 45% 。
殖民管道公司周一表示，其希望公司的大部分燃油运输系统能在本周末前恢复运行 。该公司正在重新启动网络，这条管道每天输送250多万桶汽油、柴油和喷气燃料 。
该公司称，其受到了勒索软件的袭击 。在这种攻击中，网络攻击者感染机构的计算机系统，用导致系统无法读取的方式劫持信息 。之后攻击者会要求支付赎金，以换取让信息返回可读状态 。
执法机构正在调查这起事件 。美国联邦调查局（简称FBI）周一表示，攻击由名为DarkSide的犯罪组织实施 。
据路透社报道，周一以DarkSide名义发布的新闻稿表明了其目的，但并未点名殖民管道公司 。该组织表示，“我们的目的是赚钱，不是为社会制造问题 。”
研究DarkSide组织的网络安全专家表示，这个组织似乎由经验丰富的网络罪犯组成，他们的目的是从袭击目标处获得尽可能多的钱 。总部设在波士顿的安全公司Cybereason的负责人利奥尔·迪夫表示，“这个组织成立时间不长，但他们相当有组织性 。”
DarkSide组织称，其不会攻击医院、疗养院或教育和政府部门 。该组织称，他们将收到的部分赎金捐给慈善机构 。众所周知，与大多数主要的勒索软件组织一样，DarkSide也避免针对前苏联国家的机构 。这表明该组织与前苏联加盟共和国有联系 。
美国总统乔·拜登领导的政府表示，其首要目标是重启燃料网络 。美国政府表示，他们正在与多家机构合作制定计划，以避免严重的燃料中断 。
如果管道继续关闭，那燃料供应商就要用卡车和火车运输燃料 。为保持运输，美国交通部周日宣布了紧急措施 。该机构放宽了受管道关闭影响的17个州的燃油运输限制 。
专家表示，如果未来几天管道能够恢复运营，那汽油价格不太可能受到影响 。但他们表示，这一事件应该提高人们对企业可能面临的严重威胁的认识 。
大卫·肯尼迪是TrustedSec公司的创始人，这家公司帮助机构为应对网络攻击做准备 。他对美联社表示，一旦发现勒索软件攻击，公司可以选择的做法少之又少 。他们可以完全重建基础设施，也可以支付攻击者要求的赎金 。
肯尼迪表示，“勒索软件已经完全失控，是我们作为国家面临的最大威胁之一 。问题是，大多数公司在面对这些威胁时准备不足 。”