The operator of a major Colonial Pipeline, hit by a cyberattack, said that it hopes to have services mostly restored by the end of the week as the administration officials and the culprits were identified by the FBI as a gang of criminal hackers.
The company said on Monday that it was working toward substantially restoring operational service by the weekend and US officials sought to soother concerns damage to the economy and price spikes by stressing that so far, the fuel supply had not experienced widespread disruptions.
In a statement, late Monday, the White House said that it was monitoring supply shortages in the Southeastern parts and also that Joe Biden had directed federal agencies to bring their resources to bear.
Last week, operations were halted of Colonial Pipeline which delivers about 45% of the fuel consumed on the East Coast, after revealing a ransomware attack that it said had affected some of its systems.
The attack, nonetheless, underscored the vulnerabilities of the energy sector of the nation and other critical industries whose infrastructure was largely publicly owned. Typically, ransomware attacks are carried out by criminal hackers who paralyze victim networks and who scramble data and demand large payments to decrypt it.
The real-world implications of the burgeoning threat were given as a reminder after the colonial attack. The Biden administration must still contend with difficult-to-prevent attacks from cybercriminals, even as the administration works to confront organized hacking campaigns sponsored by foreign governments.
On Monday, Biden said that they need to invest to safeguard their critical infrastructure. Jennifer Granholm, Energy Secretary, said that the attack told them how utterly vulnerable they were to cyberattacks on US infrastructure.
While working on an executive order aimed at bolstering cybersecurity defenses, the administration was still grappling with its response to massive breaches by Russia of federal agencies and private corporations. Meanwhile, the Justice Department has formed a ransomware task force designed for situations just like Colonial Pipeline. On April 20, the Energy Department announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. For other critical industries, similar actions are planned, such as natural gas and water.
REACTIONS ON THE ATTACK ON COLONIAL PIPELINE
The challenges facing the private sector and government, despite that, remain immense.
On Monday, the FBI publicly assigned blame, in this case, by saying that the criminal syndicate whose ransomware was used in the attack was named DarkSide. Russian speakers were the members of the group and the malware of the syndicate was coded not to attack networks using Russian-language keyboards. However, Russia denied any involvement in the attack.
At a briefing, the White House Deputy National Security Adviser for Cyber and Emerging Technology, Anne Neuberger, said that the group has been on the radar of the FBI for months. She said that the business model of the group was to demand ransom payments from victims and then split the proceeds with the developers of the ransomware while relying on what she called was a very and troubling and new variant.
When asked if Colonial Pipeline had paid any ransom, she declined and no indication has been given by the company of that one way or the other. She acknowledged the very difficult situation that victims face, though the FBI has historically discouraged victims from making payments for fear of promoting additional attacks, and she said that the administration needs to look thoughtfully at that area of how best to deter ransomware.
Later in the day, while speaking at a conference on national security, Neuberger said that the administration was committed to leveraging the massive buying power of the government to ensure that software makers make their products less vulnerable to hackers.