Colonial Pipeline Says Its Shipping Communications System Is Down

Colonial Pipeline Says Its Shipping Communications System Is Down
Holding tanks are seen in an aerial photograph at Colonial Pipeline's Charlotte Tank Farm in Charlotte, N.C., on May 10, 2021. (Drone Base/Reuters)

After becoming a victim of a days-long ransomware attack last week, Colonial Pipeline confirmed to news outlets Tuesday that its shipping communications system is down.

The firm operating the pipeline said the issue was not caused by the ransomware attack.

“Our internal server that runs our nomination system experienced intermittent disruptions this morning due to some of the hardening efforts that are ongoing and part of our restoration process. These issues were not related to the ransomware or any type of reinfection,” the firm said in a statement.

The company continued to say that it is “working diligently to bring our nomination system back online and will continue to keep our shippers updated,” adding that the 5,500-mile-long pipeline system is still “deliver[ing] refined products as nominated by our shippers.”

The ransomware attackers—later identified by the FBI and White House officials as a cybercriminal group called Darkside said to be operating in Russia—reportedly demanded $5 million from the pipeline operator to restore its service, although it hasn’t been confirmed by either Colonial or Darkside. Colonial said in an update last week that its pipeline infrastructure systems were not compromised in the hack and shut down the system as a precaution.

Colonial announced last week that it had returned service to the pipeline. The outage prompted gas and fuel shortages in Washington, Maryland, North Carolina, Georgia, and several other states—prompting President Joe Biden to call on Americans not to hoard gas or panic-buy fuel.

Darkside also said around the same time that it is stopping operations, saying in a Russian statement that it lost access to part of its infrastructure and financial assets.

“In view of the above and due to the pressure from the U.S., the affiliate program is closed. Stay safe and good luck. The landing page, servers, and other resources will be taken down within 48 hours,” the announcement read, according to a translation by Intel 471, a group of intelligence operators.

Before, Darkside released a statement cited by news outlets that it is apolitical and only “wants to make money.”

But some security researchers expressed skepticism about Darkside’s announcement and noted the group could be disbanding for a temporary period of time to avoid law enforcement scrutiny.

Biden, separately, told reporters last week that he would be speaking to Russian President Vladimir Putin about the hack, but he suggested there was “no evidence” Kremlin had anything to do with the ransomware breach. However, he suggested that the Russian government bears some responsibility.

“So far there is no evidence … from our intelligence people, that Russia is involved, although there’s evidence that the actors’ ransomware is in Russia,” the president said, citing a report he received from the FBI.

The Epoch Times has contacted Colonial for comment.

From The Epoch Times

ntd newsletter icon
Sign up for NTD Daily
What you need to know, summarized in one email.
Stay informed with accurate news you can trust.
By registering for the newsletter, you agree to the Privacy Policy.