Gas crunch from cyberattack intensifies in nation's capital
Gas shortages have spread from the South, almost exhausting supplies in Washington, D
May 14, 2021, 11:14 PM
5 min read
Share to FacebookShare to TwitterEmail this articleA gas pump at a gas station in Silver Spring, Md., is out of service, notifying customers they are out of fuel, late Thursday, May 13, 2021. Motorists found gas pumps shrouded in plastic bags at tapped-out service stations across more than a dozen U.S. states Thursday while the operator of the nation's largest gasoline pipeline reported making "substantial progress" in resolving the computer hack-induced shutdown responsible for the empty tanks. (AP Photo/Manuel Balce Ceneta)
Gas shortages at the pumps have spread from the South, all but emptying stations in Washington, D.C., following a ransomware cyberattack that forced a shutdown of the nation’s largest gasoline pipeline. Though the pipeline operator paid a ransom, restoring service was taking time.
As Georgia-based Colonial Pipeline reported making “substantial progress” in restoring full service, multiple sources confirmed that the company had paid the criminals a ransom of nearly $5 million in cryptocurrency for the software decryption key required to unscramble their data network.
The ransom — 75 Bitcoin — was paid last Saturday, a day after the criminals locked up Colonial's corporate network, according to Tom Robinson, co-founder of the cryptocurrency-tracking firm Elliptic. Prior to Robinson's blog post, two people briefed on the case had confirmed the payment amount to The Associated Press.
The FBI advises against paying such ransoms because it only encourages a global criminal feeding frenzy that has worsened during the pandemic. But many ransomware victims — especially those ill-prepared for a quick recovery with carefully managed backups — opt to pay.
President Joe Biden said Thursday that his administration would seek to put the responsible Russian-speaking ransomware syndicate out of business, and its operators later said they were shutting down. Biden has said he intends to speak directly to Russian President Vladimir Putin about his government's harboring of ransomware criminals that have caused tens of billions of dollars in damages in the West in the past year. The pipeline shutdown is the most damaging cyberattack on U.S. soil.
The tracking service GasBuddy.com on Friday showed that 88% of gas stations were out of fuel in the nation's capital, 45% were out in Virginia and 39% of Maryland stations were dry. About 65% of stations were without gas in North Carolina, and nearly half were tapped out in Georgia and South Carolina.
Colonial said Thursday that operations had restarted and gasoline deliveries were being made in all of its markets, but it would take “several days” to return to normal.
A gas station owner in Virginia said panic buying is the problem.
“It’s like a frenzy,” Barry Rieger, who owns a gas station in Burke, Virginia, told WJLA-TV.
Many authorities are warning of the dangers of hoarding gas.
In South Carolina, a woman was severely burned after flipping a car that a deputy tried to pull over for a suspected stolen license plate Thursday night. The fire touched off multiple explosions due to fuel “that she was hoarding in the trunk of the vehicle," a Pickens County sheriff’s statement said.
A cyberattack by hackers who lock up computer systems and demand a ransom to release them hit the pipeline on May 7. The hackers didn't take control of the pipeline’s operations, but Colonial shut it down to prevent the malware from impacting its industrial control systems.
Biden has promised aggressive action against DarkSide, the syndicate responsible for the attack. Its public-facing darknet site went offline on Thursday, and its operators said in a cybercriminal forum post that the group had lost access to it and would be shutting down.
This does not necessarily mean U.S. or allied cyberjockeys knocked it offline. Cybersecurity experts said that DarkSide, which rents out its ransomware to partners to carry out the actual attacks, could have taken it down to prevent Western law enforcement from tracking down the rest of its infrastructure.
