
Major US Gas Pipeline still offline due to cyberattack, Feds declare emergency

2021-05-10 by Michelle Dvorak


Larger pipelines still down, some smaller pipelines restored


Colonial Pipeline Co. is in its third day of recovering from a severe ransomware attack on its network and control systems. The company’s refined fuel pipelines were disabled after a successful ransomware attack infiltrated its corporate IT systems. The fuel transporter moves refined fuel from the Gulf of Mexico to the East Coast of the United States. Colonial was forced to take IT systems offline because of ransomware that had successfully compromised its systems.

Although a forensic investigation has yet to reveal the details, it is believed that the DarkSide ransomware gang is responsible for attacking Colonial Pipeline.

Colonial Pipeline supplies gasoline, heating oil, aviation jet fuel, and diesel fuel to the East Coast of the United States. The company’s 5,500 miles of pipelines transport about 45% of refined petroleum products sent to the East Coast of the United States.

At this time it is unknown how the attackers gained access to Colonial Pipeline’s IT network.

“In response to the cybersecurity attack on our system, we proactively took certain systems offline to contain the threat, which temporarily halted all pipeline operations, and affected some of our IT systems,” says the statement from Colonial Pipeline Co.


Ransomware is a type of malicious computer code – called malware – that infects a computer or entire IT network. It takes control of infected devices and computer networks as well as the data they contain. The cybercriminals who use ransomware hold the devices, networks, and all the information on them hostage unless their ransom demands are met.

The DarkSide ransomware gang typically attempts to leverage data exfiltrated during a ransomware attack to demand large ransoms – typically millions of dollars.

Last year, the cybercriminals behind DarkSide ransomware attacked a publicly traded Toronto-based company. The cybercriminals exfiltrated 200 gigabytes of data. The sensitive stolen employee files included banking information, payroll data, as well as business plans.

In March of this year, the REvil ransomware gang successfully attacked computer manufacturer Acer. The cybercriminals demanded a record-setting $50,000,000 in ransom.


In February, Kia Motors America was attacked by the DoppelPaymer ransomware gang. The attackers demanded USD $20 million to relinquish control of Kia’s corporate IT system. The attackers had also breached Hyundai Motor America.

Attackers often take advantage of security flaws in unpatched operating systems, hardware, or apps. They may also take over a system by sending highly targeted phishing emails to corporate employees in attempts to steal their login credentials.

Corporate phishing attacks can be exceptionally successful and highly damaging to any company.

Cybercriminals often exploit the fact that many people reuse the same password and login credentials over and over, across multiple online accounts. If the attackers are able to hack into an Instagram account, they can often use it to gain access to corporate Microsoft Office credentials, sensitive human resources data, payroll data, or banking credentials, to name just a few examples.

Using a password app to create and maintain a unique password for all of your online accounts is one of the best ways to protect your private information as well as your workplace login credentials.

Colonial Pipeline Co. says it has restored smaller pipelines that ship fuel to the U.S. East Coast, but larger ones are still offline due to the ransomware attack.


Feds Issue Emergency Declaration

The US Federal Motor Carrier Safety Administration (FMCSA) has issued an Emergency Declaration which affects seventeen U.S. states as well as the District of Columbia. This declaration relaxes safety regulations that pertain to commercial motor carriers, making it easier for them to transport fuel during this extreme situation.

The Federal Emergency Declaration will expire at the end of the day on June 8 or when the emergency state is ended by FMCSA.

The states and jurisdictions covered by the Emergency Declaration are Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, and Virginia.

Cyber security firm FireEye has been contracted to help Colonial get its systems back online. According to the statement from Colonial, IT systems and pipelines will be restarted in a stepwise fashion to ensure all systems are clear of ransomware.

FireEye was itself the recent victim of a damaging cyberattack. The infamous SolarWinds cyberattack infiltrated about 18,000 IT networks worldwide, including FireEye’s. Victims included several US Federal government agencies, enterprise corporations, and the systems of governments abroad.

Russian cybercriminals were able to infiltrate government IT systems because of the use of an extremely weak password. The shamefully weak password, “solarwinds123”, was left on a GitHub account that was visible to the public.

Russia has denied all responsibility for the SolarWinds attack.

“Restoring our network to normal operations is a process that requires the diligent remediation of our systems, and this takes time,” said Colonial.


About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.

