Keeping Petroleum Flowing

Last month the Colonial Pipeline was targeted by a ransomware group causing the pipeline to be temporarily taken offline.  The pipeline is vital because it provides almost half of the fuel supply on the east coast. Colonial Pipeline’s CEO, Joseph Blount paid the ransom after one day to quickly restore the flow of petroleum. The FBI was also quickly notified.  On Monday, June 7th the FBI managed to recover most of the ransom from the hackers.

Only a few short weeks after the attack, the FBI recovered nearly $2.3 million out of the $4.4 million paid to the ransomware attackers of the Colonial Pipeline. “I know that’s a highly controversial decision.” Mr. Blount said in his first public remarks since the crippling hack. “I didn’t make it lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this…. But it was the right thing to do for the country,” he added.

Colonial paid the ransom because it was not confident it understood the extent of the ransomware, or how long it would take it to restore service to the pipeline after the May 7th attack. Colonial had bought a decryptor tool from said attackers, but it did not work properly, and now Colonial must rebuild its entire network.  The ransomware was paid in bitcoin to the attackers called, “DarkSide.” The FBI was able to track down 63.7 out of 75 bitcoin that was exchanged.

Deputy Attorney General Lisa O. Monaco for the U.S. Department of Justice said in the release, “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”

What this all means for us being in the petroleum industry; petroleum will continue flowing with less disruptions from this attack moving forward. “Colonial Pipeline is taking steps to understand and resolve this issue. Currently, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline,” said the Colonial Pipeline.

 

https://oilprice.com/Latest-Energy-News/World-News/US-Claws-Back-Millions-From-Pipeline-Ransomware-Attackers.html

https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside

https://www.wsj.com/articles/colonial-pipeline-ceo-tells-why-he-paid-hackers-a-4-4-million-ransom-11621435636

https://www.zdnet.com/article/colonial-pipeline-cyberattack-shuts-down-pipeline-that-supplies-45-of-east-coasts-fuel/

Written by:

Guttman Energy Daily Market Update Disclaimer – The information contained in this market update is derived from sources believed to be reliable; however this update could include technical inaccuracies or typographical errors and Guttman Energy does not guarantee the accuracy, completeness or reliability of this update. FURTHERMORE, THIS UPDATE IS PROVIDED “AS IS,” WHERE IS, WITH ALL FAULTS AND WITHOUT ANY WARRANTY OR CONDITION OF ANY KIND, EXPRESS, IMPLIED OR STATUTORY. GUTTMAN ENERGY ALSO SPECIFICALLY DISCLAIMS ALL EXPRESS AND IMPLIED WARRANTIES. YOU USE THIS UPDATE AT YOUR SOLE RISK. This update and any view or comment expressed herein are provided for informational purposes only and should not be interpreted in any way as recommendation or inducement to buy or sell products, commodity futures or options contracts.