Federal officials have said America’s largest energy pipeline is on track to fully restore service following a ransomware attack by a group of cybercriminals.
Significant gas shortages persisted on Saturday, however, in several south-eastern states and Washington DC, according to crowdsourced data.
As of Saturday morning, 81% of Washington gas stations were seeing outages, according to GasBuddy.com. In North Carolina and Georgia, 68% and 46% of stations were seeing outages. Reports are submitted to GasBuddy by users of its app.
The Colonial Pipeline stretches from Texas to New Jersey and delivers about 45% of gasoline used on the US east coast.
A cyberattack by hackers who locked up computer systems and demanded a ransom hit the pipeline on 7 May. The hackers did not take control of operations but the Georgia-based company shut the line to prevent malware from affecting systems.
Two people briefed on the matter confirmed to the AP that the company paid a ransom of about $5m.
President Joe Biden said US officials do not believe the Russian government was involved, but said “we do have strong reason to believe that the criminals who did the attack are living in Russia”.
On Friday Biden’s energy secretary, Jennifer Granholm, said the US was “over the hump” on shortages, adding that problems peaked on Thursday and service should return to normal in most areas by the end of the weekend.
Speaking to the Associated Press, Granholm said: “The good news is that … gas station outages are down about 12% from the peak” with about 200 stations returning to service every hour. “It’s still going to work its way through the system over the next few days, but we should be back to normal fairly soon.”
Colonial reported “substantial progress” in restoring full service.
Granholm, like other federal officials, urged drivers not to panic or hoard gasoline, as some have chosen to do.
“Really, the gasoline is coming,” she said. “If you take more than what you need, it becomes a self-fulfilling prophecy in terms of the shortages. Let’s share a little bit with our neighbors and everybody should know that it’s going to be OK in the next few days.”
Granholm is leading the federal response to the ransomware attack. She said the incident showed the vulnerability not only of US infrastructure but also personal computers. Her 86-year-old mother recently suffered a ransomware attack on her iPad, Granholm said.
“So it’s just happening everywhere,” she said. “All these cybercriminals see an opportunity in the cloud and in our connectivity. And so we all have to be very vigilant. That means we’ve got to have security systems on our devices and individually we shouldn’t be clicking on any email with attachments from people you don’t know. I mean, it’s just around us.”
Biden signed an executive order on cybersecurity this week and federal agencies were working to protect critical infrastructure, Granholm said.
Much of US pipeline infrastructure is privately owned. The chairman of the Federal Energy Regulatory Commission said this week the US should establish mandatory cybersecurity standards.
“Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors,” Richard Glick said.
Granholm said the US “definitely [has] to look at” mandatory security standards. The industry has opposed government mandates on cybersecurity.
Granholm also said the ransomware attack should play a role as Congress considers Biden’s $2.3tn infrastructure proposal.
“Obviously pipelines should be considered part of that,” she said. “Cybersecurity should be considered part of that. Energy infrastructure, including transmission grids, should be part of that.
“We need to upgrade across the board, and hopefully there will be some interest in a bipartisan fashion to see an upgrade in the nation’s infrastructure.”