一场网络攻击迫使美国一条主要天然气管道关闭,该管道供应了东海岸45%的燃料消耗。
根据美国广播公司新闻(ABC News)审查的联邦紧急事务管理局(Federal Emergency M anagement Agency)的一份报告,对从休斯顿到新泽西州林登(Linden)的殖民管道(Colonial Pipeline)的网络攻击始于周五晚上7点。
该公司在一份声明中表示:“我们主动让某些系统离线,以遏制威胁,这已暂时停止了所有管道运营,并影响了我们的一些信息技术系统。”声明。
殖民管道周六在更新中表示,攻击涉及勒索软件。
该公司表示,Colonial的网络从墨西哥湾沿岸的美国炼油厂向美国东部和南部供应燃料,每天通过5500英里的管道运输250万桶汽油、柴油、喷气燃料和其他产品。
马克·伦尼汉/美联社,档案
2008年9月8日,新泽西州林登市,95号州际公路上的车辆经过殖民管道公司拥有的储油罐。
尚不清楚管道将关闭多长时间。联邦应急管理局表示,关闭将影响其他管道运营,如穿过纽约市长岛地区和缅因州的七叶树和双橡树管道。
总部位于佐治亚州阿尔法莱塔的该公司表示,它聘请了一家外部网络安全公司来调查攻击的性质和范围,并已联系了执法和联邦机构。
“殖民管道正在采取措施理解和解决这个问题。此时,我们的首要重点是安全高效地恢复我们的服务,并努力恢复正常运营。这个过程已经在进行中,我们正在努力解决这个问题,并尽量减少对我们的客户和那些依赖殖民管道的人的干扰,”该公司说。
据白宫发言人说,乔·拜登总统已经了解了情况。
“联邦政府正在积极评估这一事件的影响,避免供应中断,并帮助该公司尽快恢复管道运行,”发言人说。
这位官员表示,政府正在积极接触整个行业,以确保他们有适当的保护措施来检测类似的攻击。
联邦调查局表示,正在与殖民管道合作打击勒索软件。
“美国联邦调查局(FBI)于2021年5月7日被告知殖民管道(Colonial Pipeline)的网络中断,并正在与该公司和政府合作伙伴密切合作,”美国联邦调查局(FBI)表示。“目前我们没有其他可分享的东西。”
网络安全和基础设施安全局发布了一份声明,称他们与该公司“接触”。
CISA网络安全部门的执行助理主任埃里克·戈尔茨坦说:“我们正与该公司和我们的跨部门合作伙伴就这一情况进行接洽。”。“这凸显了无论规模或部门如何,软件对组织构成的威胁。我们鼓励每个组织采取行动,加强其网络安全态势,以减少其面临的此类威胁。”
国土安全部部长亚历杭德罗·马约尔卡斯谈到了本周早些时候勒索的危险鉴于最近大量的勒索软件攻击,包括对华盛顿特区、大都会警察局和伊利诺伊州司法部长办公室的黑客攻击。
Ransomware cyberattack shuts down major US pipeline, company says
A cyberattack has forced the shutdown of a major gas pipeline in the U.S. that supplies 45% of all fuel consumed on the East Coast.
The cyberattack against Colonial Pipeline, which runs from Houston to Linden, New Jersey, began 7 p.m. on Friday night, according to a Federal Emergency Management Agency report reviewed by ABC News.
"We proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems," the company said in astatement.
Colonial Pipeline said in an update Saturday the attack involved ransomware.
Colonial's network supplies fuel from U.S. refiners on the Gulf Coast to the eastern and southern U.S. and transports 2.5 million barrels a day of gasoline, diesel, jet fuel and other products through 5,500 miles of pipelines, the company said.
It's not clear how long the pipelines would be shut down. The shutdown will affect other pipeline operations such as the Buckeye and Twin Oaks Pipeline, which runs through the New York City-Long Island area and Maine, FEMA said.
The company, based in Alpharetta, Georgia, said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies.
"Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline," the company said.
President Joe Biden has been briefed on the situation, according to a White House spokesperson.
"The federal government is working actively to assess the implications of this incident, avoid disruption to supply, and help the company restore pipeline operations as quickly as possible," the spokesperson said.
The official said the administration is proactively reaching out across the sector to ensure that they have protections in place that can detect similar attacks.
The FBI said it is working with Colonial Pipeline on the ransomware attack.
"FBI was notified of a network disruption at Colonial Pipeline on May 7, 2021 and is working closely with the company and government partners," the FBI said. "We have nothing additional to share at this time."
The Cybersecurity and Infrastructure Security Agency released a statement saying they are "engaged" with the company.
"We are engaged with the company and our interagency partners regarding the situation," Eric Goldstein, CISA's executive assistant director of the Cybersecurity Division said. "This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats."
Department of Homeland Security Secretary Alejandro Mayorkas spoke about thedangers of ransomware earlier this weekgiven the recent spate of ransomware attacks, including the hack of the Washington, D.C., Metropolitan Police Department and the Illinois Attorney General's Office.