Colonial Pipeline, the largest fuel pipeline in the United States, was forced to shut down its operations after it was hit with a ransomware attack.
Colonial Pipeline transports refined petroleum products between refineries on the Gulf Coast and markets throughout the southern and eastern United States. The company transports 2.5 million barrels per day through its 5,500-mile pipeline and provides 45% of all fuel consumed on the East Coast.
According to a CNBC report, Colonial Pipeline suffered a ransomware attack and had to shut down its entire network to prevent the malware from spreading.
The company has confirmed the attack and stated that it took certain systems offline to contain the threat, which temporarily halted all pipeline operations.
The company has engaged a leading third-party cybersecurity firm and has already started an investigation into the nature and scope of this incident, which is ongoing.
A US official has told the Washington Post that the DarkSide ransomware operation is believed to be behind the attack.
Similar to other enterprise-targeting ransomware operations, when DarkSide gains access to a corporate network, they will spread to other devices while gathering credentials and stealing unencrypted documents.
Once they gain access to Windows domain credentials, they will deploy the ransomware throughout the network to encrypt devices.
If DarkSide performed the attack, it is likely that they have stolen data, which will be used to extort Colonial Pipeline in their ransom demands.
Some of the high-profile attacks previously conducted by the DarkSide gang include CompuCom, Discount Car and Truck Rentals and Brookfield Residential.