Colonial Pipeline attack: Everything you need to know

Updated: DarkSide has claimed responsibility for the catastrophic ransomware outbreak.

Colonial Pipeline attack: What happened and why we should change our online habits

The real-world consequences of a successful cyberattack have been clearly highlighted this week with the closure of one of the US' largest pipelines due to ransomware. 

Here's everything we know so far. 

On Friday, May 7, Colonial Pipeline said that a cyberattack forced the company to proactively close down operations and freeze IT systems after becoming the victim of a cyberattack. 

This measure "temporarily halted all pipeline operations" and cybersecurity firm FireEye, which operates the Mandiant cyberforensics team, was reportedly pulled in to assist. 

What is Colonial Pipeline?

Founded in 1962 and headquartered in Alpharetta, Georgia, privately-held Colonial Pipeline is one of the largest pipeline operators in the United States and provides roughly 45% of the East Coast's

How did the Colonial Pipeline ransomware attack happen?

There are few concrete details on how the cyberattack took place, and it is likely that this will not change until Colonial Pipeline and the third-party company brought in to investigate have concluded their analysis of the incident. 

However, wh

Why does the Colonial Pipeline ransomware attack matter?

colonial-pipeline-system-map.jpg

As shown in the company's operations map, by taking out the systems supporting and managing pipeline operation and fuel distribution, vast swathes of the US have been impacted. 

At the time of the attack, supply shortage concerns prompted gasolin

Will there be gas shortages?

screenshot-2021-05-12-at-12-15-13.png
Patrick De Haan

Late Tuesday evening, White House press secretary Jen Psaki said the US government is "monitoring supply shortages in parts of the Southeast," as

Have any agencies become involved?

FMCSA

To keep supplies flowing, the USDOT Federal Motor Carrier Safety Administration (FMCSA) issued a 

Who is DarkSide?

screenshot-2021-05-12-at-11-53-15.png
Sophos

DarkSide is a Ransomware-as-a-Service (RaaS) group that offers its own brand of malware to customers on a

What happens next?

As a group known to double-extort victims, Colonial Pipeline could be the next company to face the threat of the leak of data unless they give in to blackmail and pay the attackers. It may be, however, that DarkSide could choose not to pursue this usua

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Show Comments