The cyberattack and extortion attempt at Colonial Pipeline in the U.S. is considered to be the worst to date on critical American infrastructure.
Experts are still mulling what it might mean for Canada, but say the country is not immune to trickle-down effects — whether it be through gas prices or more symbolic implications, like our own infrastructure’s cybersecurity.
Here’s what we know so far.
What happened?
The Georgia-based pipeline shut down its entire network Friday after learning of a cyberattack on its systems. A financial ransom was demanded, though it’s unclear whether the private company paid one.
The finger is currently being pointed at organized cybercriminal gangs. The FBI believes a group called DarkSide was among the suspects, though experts emphasize that it can be extremely difficult to attribute definitive blame to any certain group for malicious activity online.
Colonial launched an investigation via a private security association to assess potential damage. It is in the process of restarting portions of its network. Its main pipeline remained offline as of Monday morning, but some smaller lines were operational again.
The company has not provided any public indication about the reach of the breach, but White House officials said the company “has not suffered any damage and can be brought back online relatively quickly.”
Colonial said Monday it expects to “substantially” restore operational service by the end of the week.
Roger McKnight, chief petroleum analyst at En-Pro, called Colonial Pipeline the “lifeblood of supply and pricing to the Eastern seaboard.”
The pipeline’s network carries 2.5 million barrels a day — approximately 45 per cent of the East Coast’s supply of diesel, petrol and jet fuel. It transports products through 10 states, between Texas and New Jersey. It also serves major U.S. airports.
“Right now there is not a supply shortage,” U.S. Deputy National Security Adviser Elizabeth Sherwood-Randall told reporters in a briefing. “We are preparing for multiple possible contingencies because that’s our job.”
U.S. fuel prices at the pump were largely unaffected on Monday, but gasoline futures ticked higher.
Get daily National news
Fuel futures — prices that traders pay for contracts for delivery at some point in the future — tend to rise as the driving season approaches. The price at the pumps tends to follow from there.
Experts say regional fuel supplies could be impacted if the outage continues — including in Canada.
The Colonial Pipeline is a “physical supply artery of refined products” to the New York Harbour, where daily futures prices are set, said McKnight.
Gasoline futures jumped as high as 4.2 per cent Monday, according to multiple reports, before paring back gains.
“If and when New York Harbour futures spike, they will also jump in Ontario and Quebec overnight,” he said.
Gas prices
In the short term, however, Canadian gas experts aren’t convinced the shutdown will move the needle on prices significantly.
“There may be a very slight impact on Canadian prices if this problem lingers more than a day or two longer, but it should be fairly tame, at maybe a few cents per litre,” Patrick De Haan, the head of petroleum analysis at GasBuddy, told Global News via email.
But it’s not the pipeline itself that would impact Canada, he said.
Any effect on prices here would “simply due to the fact the U.S. refining hub may need to slow down production since the Colonial Pipeline isn’t moving products out of refineries,” de Haan said.
“If the U.S. refining hub in Texas has to slow operations down due to no takeaway of product — that would be a big hit… potentially similar to the cold weather outages seen in February.”
If the shutdown is prolonged, “meaning more than a week,” Canada could see more serious effects on prices of all gasoline grades, diesel and jet fuel, according to McKnight.
In response to the attack, the Biden administration loosened regulations for the transport of petroleum products on highways as part of an “all-hands-on-deck” effort to avoid disruptions in the fuel supply.
“The last time the Colonial went down was because of (hurricane) Katrina,” he said via email.
“That was physically fixable. This time I’m not so sure.”
Cyber networks 'merging'
Outside of gas price fluctuations, experts say the cyberattack should serve as a wake-up call to critical national industrial infrastructure — not just businesses.
Over the past few decades, there has been a “merging” of systems within critical infrastructure networks that has “created a whole new attack surface,” said Florian Kerschbaum, the executive director of the Cybersecurity and Privacy Institute at the University of Waterloo.
“Pipelines, electricity grids, water supply — they’re all now equipped with electronic network equipment. So the pipeline is controlled by equipment that ultimately has a connection to the internet,” he said.
“You no longer have two separate kids of networks…. It’s not fundamentally a new type of attack, what’s new is that criminals are now exploiting it.”
Kerschbaum said Canada is far from immune from these types of attacks.
“I would say every country in the world is at risk for these types of interference,” he said. “We have hydro, nuclear power lines…. We have lots of things in critical infrastructure we need to protect.”
The Canadian Centre for Cyber Security would not directly comment on the Colonial Pipeline situation, but it regularly shares information with partners under the Five Eyes alliance.
“While we can’t confirm or deny, or offer specific details on the intelligence shared, threat information to help defend against critical infrastructure threats is regularly shared and acted upon as appropriate,” Evan Koronewski, a spokesperson for the Communications Security Establishment, said in an emailed statement.
Koronewski pointed to the 2020 National Cyber Threat Assessment, which concluded that ransomware directed against Canada will “almost certainly continue to target large enterprises and critical infrastructure providers.”
“As Canadians adopt new technology and embrace more internet-connected devices, the cyber threats will continue to grow,” he wrote.
The “bigger trend of operational technology” is a “balancing act” that many industries and companies are facing increasingly, Kerschbaum said.
While this type of technology can provide benefits in management and reduced operational cost, and can provide cheaper oil and energy, it also increases the risk of attacks like these, he said.
“We have to balance investments in more secure software, in educating people, in providing correct confirmations in certain types of separations between these types of technologies — like firewalls and stronger authentication,” he said.
“There’s a lot of aspects where we can improve the secure operations despite using the benefits of this new operational technology.”
— with files from Reuters and The Associated Press
Comments