
On May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. In response, Colonial Pipeline Company halted all of the pipeline's operations to contain the attack. With the assistance of the FBI, Colonial Pipeline paid the requested ransom (75 bitcoin or $4.4 million) within several hours after the attack. The hackers then sent Colonial Pipeline a software application to restore their network, but it operated very slowly. The Federal Motor Carrier Safety Administration issued a regional emergency declaration for 17 states and Washington, D.C., to keep fuel supply lines open on May 9. It was the largest cyberattack on an oil infrastructure target in the history of the United States. The FBI and various media sources identified the criminal hacking group DarkSide as the responsible party. The same group is believed to have stolen 100 gigabytes of data from company servers the day before the malware attack. On June 7, the Department of Justice announced that it had recovered 63.7 of the bitcoins (approximately $2.3 million) from the ransom payment.

Colonial Pipeline's billing system was compromised while the operational technology systems were not affected. Some filling stations were without fuel for several days. According to CNN sources in the company, the inability to bill the customers was the reason for halting the pipeline operation. Colonial Pipeline reported that it shut down the pipeline as a precaution due to a concern that the hackers might have obtained information allowing them to carry out further attacks on vulnerable parts of the pipeline. The day after the attack, Colonial could not confirm when the pipeline would resume normal functions. The attackers also stole nearly 100 gigabytes of data and threatened to release it on the internet if the ransom was not paid. It was reported that within hours after the attack the company paid a ransom of nearly 75 Bitcoins ($5 million) to the hackers in exchange for a decryption tool, which proved so slow that Colonial's own backups were used to bring the system back online. On May 9, Colonial stated they planned to substantially repair and restore the pipeline's operations by the end of the week. In response to fuel shortages at Charlotte Douglas International Airport caused by the pipeline shutdown, American Airlines changed flight schedules temporarily. At least two flights (to Honolulu and London) had fuel stops or plane changes added to their schedules for a four-day period.
