Colonial Pipeline attack underscores US energy’s vulnerabilities

The ransomware attack on Colonial Pipeline, the largest supplier of oil to the Northeast region of the United States, is underscoring just how vulnerable critical U.S. infrastructure is to cybercriminals in a way no previous attack has done, say U.S. officials and experts in the field.

The successful breach of Colonial Pipeline’s IT system forced the company to shut down 5,500 miles of pipelines to ensure hackers could not gain access to its operational technology.

The attack was shocking in some ways in that it illustrated how vulnerable a critical and large company such as Colonial Pipeline was to increasingly frequent ransom attacks.

And it also showed such attacks have a far larger impact. The entire nation could see a rise in gas prices because of the attack on the pipeline, which carries around 45 percent of oil used on the East Coast and runs between Texas and New York.

Threats to critical infrastructure have built steadily in recent years, and over the past year during the COVID-19 pandemic have spiked, particularly as more work is done remotely and online.