America’s largest fuel pipeline has been shut since Friday after a ransomware attack. What’s going on?

The 5,500-mile long “Colonial Pipeline” America’s longest fuel pipeline, has been shut since the weekend after it was targeted by a group of "ransomware" hackers. Saloni Sardana explains what's going on.

Colonial pipeline fuel tanks
The 5,500 mile-long pipeline carries almost half of the fuel used on America's east coast.
(Image credit: © JIM WATSON/AFP via Getty Images)

America’s largest fuel pipeline – the “Colonial Pipeline” – has been shut since the weekend after it emerged that it suffered a ransomware attack by hackers.

So what happened, and why does it matter?

The 5,500 mile-long pipeline runs from Texas to America's east coast. It is important because it accounts for more than 45% of the east coast’s fuel – including home heating oil, jet fuel, petrol and diesel. More than 2.5 million barrels of oil flow through the pipeline every day.

Subscribe to MoneyWeek

Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE

Get 6 issues free

Sign up to Money Morning

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Sign up

The FBI confirmed on Monday that a hacking group known as DarkSide was behind the attack. “Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks”, it said.

So who are the DarkSide hacker group?

The way ransomware software works is that after encrypting victims’ data, hackers will demand cryptocurrency payments in exchange for giving the victim a key to restore it. Failure to pay the ransom, which can range from thousands to millions of dollars, is likely to expose the victim to the spectre of confidential data leaks.

DarkSide hackers develop market ransomware hacking tools and sell these to other perpetrators who then carry out the deed, said cyber-security company Cybereason on CNBC.

While a number of cyber security experts suspect DarkSide to have Russian ties, because the software will not encrypt any computer systems written in Russian, US president Joe Biden has said so far there is “no evidence” Russia was behind the hacking incident, reports the BBC.

The group has a press centre, a victim hotline, and an apparent code of conduct, says Reuters, so calling the group amateur would probably be wrong. “They're very new but they're very organised”, says Lior Div, Cybereason’s chief executive.

DarkSide released a statement on Monday saying the attack was apolitical and was carried out solely to make money and not create societal or geopolitical tensions.

“Our goal is to make money and not creating problems for society”, said DarkSide. “From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future”, it added.

DarkSide has not disclosed how much money it is seeking as ransom.

The group seems to want to portray itself as something of a Robin Hood organisation, and made a bit of a splash last October when it came to light that it had donated around $20,000 of its ill-gotten gains to charity via bitcoin, reports the BBC.

“We think that it's fair that some of the money the companies have paid will go to charity”, it said. "No matter how bad you think our work is, we are pleased to know that we helped changed someone's life. Today we sended (sic) the first donations."

What effect will the ransomware attack have on fuel prices?

What began as a random cyber attack may have knock-on effects for a while yet, as the privately-owned Colonial Pipeline said it won’t be until the end of next week until it can “substantially” restore services.

Biden has been personally briefed on the situation and has issued an emergency waiver that resulted in lorry drivers receiving extended hours for delivering fuel across 17 different states in the US.

The most obvious effect of the prolonged disruption is on fuel prices. Gasoline futures rose as much as 4.2% on Monday to their highest level since May 2018 after it became clear the disruption would last a while longer. They later pared some of those gains. Some of the jitters spread to the US oil market and West Texas intermediate (WTI) futures also rose on Monday.

But as important as the pipeline is at present, there is no reason to worry about higher petrol or oil prices, says Sophie Griffiths, a market analyst at OANDA: “Oil prices are falling as the Colonial Pipeline disruption has all the hallmarks of a short-term glitch. Investors have accepted that the pipeline failure is not likely to be an ongoing issue, with a phased restart expected imminently and full operation restored by the end of the week.”

“The prospect of a return to normality has seen the price of oil slip back to Friday’s levels.”

Saloni Sardana

Saloni is a web writer for MoneyWeek focusing on personal finance and global financial markets. Her work has appeared in FTAdviser (part of the Financial Times),  Business Insider and City A.M, among other publications. She holds a masters in international journalism from City, University of London.

Follow her on Twitter at @sardana_saloni