The hackers who caused the vast Colonial Pipeline to shut down on Friday reportedly began their cyberattack against the top US fuel pipeline operator a day earlier and stole a large amount of data.
The attackers are part of a cybercrime group called DarkSide and took nearly 100 gigabytes of data out of Colonial’s network in just two hours on Thursday, the Bloomberg news website reported late Saturday, citing two people involved in the company’s investigation.
The shutdown is already prompting worries about a spike in gasoline and diesel prices ahead of the peak summer driving season if the outage does not end soon.
Colonial did not immediately reply to an email from Reuters seeking comment outside usual US business hours.
Colonial Pipeline shut its entire network after the breach of its computer networks, the source of nearly half of the US east coast’s fuel supply, after a cyber attack that involved ransomware.
The 5,500 miles of pipeline that runs from Texas to New York carries 45% of the east coast’s fuel supplies and travels through 14 southern and eastern US states.
The pipeline transports gasoline, diesel and jet fuel. The company’s website says it carries some 100m gallons of fuel each day and services seven airports.
A third-party cybersecurity firm was hired to investigate the attack and federal agencies and law enforcement were informed.
An Eastern European-based criminal gang known as DarkSide may be responsible, a US official and another person familiar with the matter indicated to the Washington Post.
Prices at the pump are not expected to rise unless the outage lasts more than three days, experts say. But a long-term shutdown could be significant given the size of the line.
“The challenges brought on by the Colonial Pipeline shutdown would only develop after a few days of outage,” said Patrick DeHaan, head of petroleum analysis at GasBuddy.
He warned drivers against panic buying. “What could make a temporary pipeline shutdown much worse is if Americans wrongly fear shortages,” he said.
The American Automobile Association said: “The shutdown can have a large impact if it is prolonged.”