US declares state of emergency to keep fuel flowing after cyber attack

The US government declared a state of emergency on Sunday in a bid to keep fuel supply lines open as fears of shortages rose following the shutdown of an essential pipeline.

The move lifted various limits on the transport of fuels by road to ease the fallout from the continuing closure of the Colonial pipeline, which carries almost half the fuel consumed on the US east coast, following a ransomware cyber attack on Friday.

“This Declaration addresses the emergency conditions creating a need for immediate transportation of gasoline, diesel, jet fuel and other refined petroleum products and provides necessary relief,” the Department of Transportation .

The order came as the government scrambled to deal with the repercussions from the closure of Colonial, the biggest refined products pipeline in the US, which transports 2.5m barrels of fuel a day from refineries on the Gulf Coast to markets such as Atlanta, Washington and New York.

The pipeline’s operator, the Colonial Pipeline Company, was forced to take the entire system offline on Friday after an attack it attributed to ransomware, whereby hackers seize control of a victim’s computer systems or data by installing illicit software and release the assets only once payment is made.

Colonial said on Sunday evening that its main lines remained offline, but that some smaller lines between terminals and delivery points had been returned to service. It gave no indication of when full service would resume.

Recommended

“We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations,” the company said.

Petrol prices jumped as much 4 per cent as trading reopened on Sunday before falling back to trade around 2 per cent higher at $2.16 a gallon.

If the pipeline was not quickly reopened, the impact on prices could become more severe in the coming days, said Patrick De Haan, head of petroleum analysis at data provider GasBuddy.

“We’re realising the gravity of it is maybe worse than what we’d expected,” said De Haan. “There’s still a little breathing room, we’re starting to run low on it. But Monday, Tuesday if there’s no news, you know we’re dealing with something fairly significant.”

The pipeline is the country’s biggest conduit for refined products, spanning more than 5,500 miles from Pasadena, Texas to Linden, New Jersey and New York Harbor. It serves some of the country’s transport hubs, including its busiest airport, Hartsfield-Jackson in Atlanta.

Gasoline demand in areas served by the pipeline rose about 4 per cent on Saturday compared with the previous week, according to GasBuddy, indicating panic buying as consumers fretted over the potential for a prolonged outage.

The shutdown may trigger another rise in US petroleum imports, exposing the country’s energy vulnerability despite a decade of soaring domestic and gas production.

“The base case is that it’s resolved quickly, but if not US gasoline and diesel prices will have to rise very significantly to draw in sufficient imports from Europe,” said Robert Campbell, head of oil products research at consultancy Energy Aspects.

Refiners on Gulf Coast that used the pipeline to ship products eastward would be forced to trim back fuel production, he said.

Large pipelines increasingly rely on automation to monitor flows and pressure and control batches of deliveries of petroleum products, increasing the potential disruption of a hack.

“This is definitely not a schoolboy prank. This is a highly sophisticated attack on a piece of critical infrastructure,” said Campbell.

The attack came amid growing concerns about cyber security vulnerabilities in critical US infrastructure after last year’s SolarWinds attack, which authorities have attributed to Russia.

It also followed a proliferation of ransomware attacks in recent years, with cyber criminals — often operating from jurisdictions where they will not be prosecuted by authorities — making average ransom demands to victims of more than $100,000, according to the US Department of Justice.

Last month, a coalition of Big Tech companies and officials from the FBI and justice department called for governments to designate ransomware as a national security threat and to “exert pressure” on nations that refused to join efforts to tackle the hacking epidemic, for example through sanctions.

Recommended

The attack came as the White House prepared for another round of negotiations with legislators about the president’s proposed $2.3tn infrastructure package.

Biden and the Democrats said unprecedented federal spending for areas ranging from broadband access to subsidised childcare was needed to propel and sustain an economic recovery. But Republicans have pushed for a slimmed-down bill more tightly focused on traditional infrastructure projects such as roads, bridges and tunnels.

Adam Kinzinger, Republican congressman from Illinois, said the attack on the Colonial pipeline underscored the importance of investing in critical infrastructure and energy projects.

“This needs to redouble our efforts as a country to get past our internal divisions . . . and focus on things like critical infrastructure in the future,” he told CBS News. “Because this is only going to continue to happen more often if we’re not careful.”

Twice weekly newsletter

Read More