November 30, 2023

Signage will be displayed on a fence at the Colonial Pipeline Co. Pelham intersection and terminal in Pelham, Alabama, USA on Monday, September 19, 2016.

Luke Sharrett | Bloomberg | Getty Images

The operator of the country’s largest fuel pipeline, the Colonial Pipeline, was victim of a cybersecurity attack using ransomware on Friday. He forced the company to temporarily suspend all pipeline operations and raised concerns that the failure could lead to a shortage of gas, diesel and jet fuel.

The company confirmed that it was the victim of a ransomware attack on Saturday.

Colonial Pipeline hired a third-party cybersecurity firm to investigate the incident and reached out to law enforcement and other federal agencies. The cyber attack also affected some of its IT systems.

The FBI was informed of the disruption on Friday and is working closely with the company and government partners, a spokesman said on Saturday.

The Colonial Pipeline, which carries nearly half of the east coast’s fuel supplies, said it was “taking steps to understand and solve this problem.”

“Right now, our main focus is on the safe and efficient restoration of our service and our efforts to get back to normal operations,” said a company statement.

“This process is already underway and we are working diligently to address this issue and minimize disruption for our customers and those who depend on Colonial Pipeline,” the company said.

President Joe Biden was briefed on the incident Saturday morning and the federal government is working to avoid disruptions in supplies, according to a White House spokesman.

“The federal government is actively working to evaluate the impact of this incident, avoid supply disruptions and help the company to restore pipeline operations as soon as possible,” the spokesman said.

Colonial operates the largest refined product pipeline in the United States, according to its website, shipping 2.5 million barrels a day. Refined products include gas, diesel, heating oil, and jet fuel. The pipeline also supplies the US military.

Colonial’s system spans more than 5,500 miles between Texas and New Jersey, connecting refineries on the Gulf Coast to more than 50 million people in the southern and eastern United States, the company said.

Colonial Pipeline is privately owned by five companies: CDPQ Colonial Partners, IFM (US) Colonial Pipeline 2, KKR-Keats Pipeline Investors, Koch Capital Investments Company, and Shell Midstream Operating.

Effects on the fuel market

John Kilduff, a partner at Again Capital in New York, said that if the outage persists, gasoline, diesel, and jet fuel shortages will quickly emerge in the United States.

“It appears that it was more of a ransomware attack than a state actor, but it shows the significant security flaw across the industry,” said Kilduff. “If there is no resumption of operations or at least no clarity about a resumption by tomorrow evening, gasoline prices will skyrocket on Sunday evening.”

Andy Lipow, president of Lipow Oil Associates, based in Texas, said an outage that would last a day or two would cause some minor inconvenience and greater impact after four to five days of shutdown.

There could also be possible sporadic outages if a certain terminal was dependent on a delivery today or tomorrow and this is now delayed, said Lipow.

“Unlike the February frost or the hurricane, refineries are still operating, converting crude oil into gasoline, jet and diesel. They just can’t get it to the terminals,” said Lipow. “Prolonged colonial pipeline downtime will force refineries to lower their operating rates as refinery stocks fill up.”

“While they may not be able to ship it to Colonial, the refineries will certainly continue to ship to the Midwestern markets,” said Lipow.

Federal answer

The Biden government announced a 100-day plan in April to protect the country’s electrical systems supply chain from cyberattacks amid growing concerns over the vulnerability of U.S. power supplies to cyber threats.

The Federal Energy Regulatory Commission, which oversees interstate pipelines, said it was aware of the cyberattack and is monitoring the situation.

“We are aware that it appears to be a serious cyber attack on the Colonial Pipeline system,” said chairman Richard Glick in a statement to CNBC. “FERC is in communication with other federal agencies and we are working closely with them to monitor developments.”

According to an agency spokesman, the U.S. Department of Energy is coordinating with Colonial Pipeline, the energy sector, states and interagency partners to support the response effort.

“DOE also works closely with the coordination councils of the energy sector and the centers for the exchange and analysis of energy information and monitors possible effects on the energy supply,” the spokesman told CNBC.

Eric Goldstein, assistant director of cybersecurity at the agency for cybersecurity and infrastructure security, said the agency is working with partners from Colonial Pipeline and Interagenten.

“This underscores the threat ransomware poses to businesses regardless of size or industry,” Goldstein said.