Colonial Pipeline said Saturday the cyber attack involves ransomware and it has hired a third-party security firm to investigate.
Colonial Pipeline, the largest US refined fuel pipeline operator, has shut down operations because of a cyber attack, the company said.
The incident involved ransomware, the company said on Saturday. It did not give further details of the attack or who who might have carried it out.
After learning it was "the victim of a cybersecurity attack," the pipeline operator on Friday took some systems offline, temporarily halting pipeline operations and certain IT systems. It also hired an outside cybersecurity firm, the company said in a statement.
"At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation," the statement said.
The company is the country's largest refined products pipeline operator, transporting more than 100 million gallons of gasoline, diesel, jet fuel, and home heating oil, daily through a pipeline system that spans 5,500 miles from Houston, Texas to the New York area.
Colonial's pipelines transport approximately 45% of all fuel consumed on the East Coast, according to its website.
Federal authorities and law enforcement have also been contacted about the attack, according to Colonial.
Cybersecurity experts have long warned that critical parts of the national infrastructure could be vulnerable to a cyber attack. The Biden administration last month rolled out an initiative to ramp up cybersecurity of the nation's power grid.
"Unfortunately, the cyber attack against Colonial Pipeline is only a teaser of the future of cyber attacks," said Grant Geyer, Chief Product Officer at industrial cybersecurity company Claroty. "As cyber criminals and foreign adversaries seek opportunities for financial gain and power projection, our national critical infrastructure is an easy target," Geyer said.
Ransomware is a kind of malware that can lock you out of your computer files unless you agree to pay a ransom fee. The attack is considered to be the most severe cybersecurity threat facing government agencies and private companies. Last year, criminals paralyzed thousands of companies and organizations by locking up their computer networks and demanding a ransom.
The incident comes as demand for travel, and fuel, heats up heading in to the summer months as more people get vaccinated for COVID
-19 and pandemic restrictions are lifted. Colonial did not say how long it expects its operations to be shut down. A prolonged shut down could cause turmoil in fuel markets next week. Gasoline futures gained 0.6% on Friday.
The attack on Colonial follows a string of high profile breaches. SolarWinds, a Texas-based IT firm, was the subject of a cyberattack that went undetected for months — as a result of the hack, foreign attackers were able to spy on private companies as well as government agencies, including the Treasury Department and the Department of Homeland Security.
Earlier this year, thousands of organizations across the US were hacked through flaws in Microsoft's Exchange server email software.