The Colonial Pipeline has raised concerns after a ransomware attack disabled it on May 7th. The pipeline, responsible for carrying 45% of fuel to the East Coast, was attacked by a group of criminals known as DarkSide. The group demanded $5,000,000 to unencrypt the Colonial Pipeline’s scrambled data. Six days after the attack, the Colonial Pipeline Co. submitted the full ransom amount to DarkSide to regain control of their systems. Experts and U.S. government officials warn that fulfilling the ransom likely encouraged more attacks in the future.
Although the pipeline extends from Texas to New Jersey, gas shortages arose across the eastern half of the U.S., including in areas the pipeline does not serve. Some citizens reported waiting in line for more than an hour to fill up, while others found their local gas stations shut down due to the lack of supply. The shortage drove gas prices up to $3.08/gallon, the highest since 2014.
This attack has highlighted weaknesses of the United State’s infrastructure. Hospitals, small city governments, and manufacturing companies are some examples of vulnerable targets that suffer from ransomware attacks. Ransomware is relatively cheap when compared to other forms of attacks, and it can be perpetrated by small groups of individuals from anywhere in the world. DarkSide, for example, is a hacker group based out of Russia.
The Colonial Pipeline is not a one-off exception; ransomware attacks are frequent. It is estimated that $350,000,000 has been paid in ransomware attacks over the last year in the United States alone. Consumers and businesses alike have suffered economic impacts due to this growing threat.