Politico | What you need to know about the US Colonial Pipeline hack
- Colonial Pipeline, which delivers about 45 per cent of fuel for US East Coast, shut down Friday after ransomware attack
- Incident has shone a spotlight on the growing threat of digital extortion schemes

This story is published in a content partnership with POLITICO. It was originally reported by Eric Geller on politico.com on May 10, 2021.
The cyberattack that forced the shutdown of the US East Coast’s largest fuel pipeline has prompted fresh questions about the vulnerability of the country’s critical infrastructure to cyberattacks.
Here’s a rundown of how a criminal gang managed to infiltrate Colonial’s systems and why the tool they used – ransomware – is such a persistent threat.
How did computer hackers shut down a pipeline?
On Friday, Colonial Pipeline said it learned that hackers had infected its computer networks with ransomware, malicious code used to seize control of computers and extract payments from victims. The breach affected Colonial’s business networks, which it uses for tasks such as managing payrolls and reporting data to regulators.
Colonial deactivated those systems, but it also shut off the much more sensitive technology that runs its pipeline operations – a precaution aimed at preventing the hackers from reaching it if they hadn’t already. These systems monitor the flow of gas for impurities and leaks, control power levels and perform other automated tasks to keep the pipeline running smoothly.