WASHINGTON – President Joe Biden said Monday that his administration was prepared to take additional steps as the energy sector grapples with a colossal cyberattack targeting one of the largest fuel pipelines in the nation.
On Friday, Colonial Pipeline paused its operations and notified federal agencies that it had fallen victim to a ransomware attack.
The assault, carried out by the criminal cyber group known as DarkSide, forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the nation’s East Coast fuel supply. Ransomware attacks involve malware that encrypts files on a device or network that results in the system becoming inoperable. Criminals behind these types of cyberattacks typically demand a ransom in exchange for the release of data.
The Department of Energy is leading the federal government response in coordination with the FBI, Department of Homeland Security and Department of Defense. A spokeswoman for FireEye Mandiant confirmed to CNBC that the U.S. cybersecurity firm was working with Colonial Pipeline after the incident.
Biden said that since the attack that struck the jugular of America’s pipeline system, he has received regular briefings on the matter. The president said that his administration does not have intelligence to support claims that Moscow directed the ransomware attack. He added that he would still discuss the situation with Russian President Vladimir Putin.
“So far there is no evidence from our intelligence people that Russia is involved although there is evidence that the actor’s ransomware is in Russia, they have some responsibility to deal with this,” Biden said from the White House.
The Kremlin has previously denied claims that it has launched cyberattacks against the United States.
Earlier Monday, White House national security officials described the attack as financially motivated in nature. Biden administration officials, however, would not say if Colonial Pipeline agreed to pay the ransom.
“Typically that’s a private sector decision,” Anne Neuberger, deputy national security advisor for cyber and emerging technologies, told reporters at the White House when asked about the ransom payment.
“We recognize that victims of cyberattacks often face a very difficult situation and they have to just balance often the cost-benefit when they have no choice with regards to paying a ransom. Colonial is a private company and we’ll defer information regarding their decision on paying a ransom to them,” Neuberger said.
She added that the FBI has previously warned victims of ransomware attacks that paying a ransom could encourage further malicious activity.
Colonial Pipeline did not immediately respond to CNBC’s request for comment.
Earlier on Monday, the DarkSide group described its actions as “apolitical” in a statement provided to CNBC by Cybereason.
“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives,” the group wrote.
“Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future,” the statement added.
Pentagon spokesman John Kirby said Monday that the Defense Department was monitoring the nation’s fuel supply following concerns that Colonial Pipeline’s shutdown could trigger shortages of gasoline, diesel and jet fuel. Kirby said there were currently no known shortages posed to the U.S. military.
Deputy national security advisor Elizabeth Sherwood-Randall told reporters at the White House that the administration did not forecast a fuel shortage.
Colonial Pipeline wrote in a statement Monday afternoon that it hopes to restore service by the end of the week.
“Actions taken by the Federal Government to issue a temporary hours of service exemption for motor carriers and drivers transporting refined products across Colonial’s footprint should help alleviate local supply disruptions and we thank our government partners for their assistance in resolving this matter,” the statement added.
The Colonial Pipeline attack comes as the Biden administration works to pass a $2.3 trillion infrastructure plan aimed at addressing, in part, America’s critical infrastructure vulnerabilities.
“Unfortunately, these sorts of attacks are becoming more frequent. They’re here to stay. And we have to work in partnership with businesses to secure networks to defend ourselves,” Commerce Secretary Gina Marie Raimondo told the CBS Sunday program “Face the Nation.”
“It’s an all-hands-on-deck effort right now. And we are working closely with the company, state, and local officials to make sure that they get back up to normal operations as quickly as possible, and there aren’t disruptions in supply,” she said, adding that investing in infrastructure is a top priority for the administration.