Following the Colonial Pipeline shut down in early May, Colonial Pipeline CEO Joseph Blount faced two days of questioning June 8 and 9 before both the Senate Homeland Security & Government Affairs Committee and the House Committee on Homeland Security. During the hearings, Blount defended his company’s decision to halt the pipeline’s operations and pay a $5 million ransom to DarkSide, the eastern European hacker group responsible for the ordeal.
"Shutting down the pipeline was absolutely the right decision, and I stand by our employees' decision to do what they were trained to do," Blount told lawmakers. The chief executive said paying the ransom was "the hardest decision I've made in my 39 years in the energy industry."
Built in 1961, the Colonial Pipeline stretches from Texas and the Gulf of Mexico northeast through New Jersey to supply more than 100 million gallons of oil, gasoline and chemicals every day. DarkSide gained access to the company's computer system in late April by using a compromised account to log in to the company's virtual private network, Blount confirmed. The encrypted internet connection enables employees to remotely access Colonial Pipeline's network, but "was not intended to be in use," the CEO conceded.
On May 7, Colonial executives learned that their information systems were victim to a spear-phishing attack by DarkSide. Fearing that the group could then gain access to its operational technology, Blount moved to shut down the 5,500-mile pipeline that provides 45% of all fuel consumed on the East Coast.
Colonial publicly admitted in late May to paying the $5 million ransom in Bitcoin, citing the tens of millions of Americans that rely on its operations daily. Following payment, DarkSide provided decryption keys to Colonial to regain control of its systems, which Blount said were “advantageous” but not a perfect fix. On June 8, the Department of Justice and the Federal Bureau of Investigation announced that they had successfully retrieved $2.3 million of the payment.
Throughout May, gasoline shortages along the Atlantic Coast saw prices rise by as much as 20 cents in some states, with the national average price of unleaded gasoline sitting at a seven-year high of $3.04 during Memorial Day weekend. Even after Colonial reestablished normal pipeline operations on May 15, panic-buying and the disrupted tanker truck supply chain left some towns without gasoline for weeks.
All of this comes as both President Biden and Congress are pushing to strengthen the nation’s cyber defenses, particularly for critical infrastructure amidst a rising trend of ransomware attacks. The Biden infrastructure proposal includes billions of dollars for improving cybersecurity while Congress continues to debate a separate package.
During the crisis, ILTA drew the attention of regulators at EPA and the Coast Guard to measures that could facilitate better resilience of fuel supply chains during a future disruption. These included temporary waivers of roof landing prohibitions for floating roof tanks, and temporary allowances for non-TWIC credentialed truck drivers to access TWIC sites to load fuel.