Colonial Pipeline, the operator of the one of the largest pipelines in the United States for refined petroleum products, Wednesday evening said it restarted operations that had been interrupted by a ransomware attack May 7th.
“Colonial Pipeline initiated the restart of pipeline operations today at approximately 5 p.m. ET.,” said the company in a posting on its Web page that has provided updates since Saturday.
Said Colonial, “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period. Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.”
Also: Colonial Pipeline attack: Everything you need to know
Colonial first announced Saturday that it proactively shut down operations after being infiltrated by ransomware software that encrypted the company’s files.
The pipeline provides roughly 45% of the East Coast’s fuel. In days following the attack, stocks of gasoline have run out across swatches of the Eastern U.S. seaboard, in states such as North Carolina and Virginia, prompting panic buying by motorists.
Law enforcement and security specialists quickly pointed to the underworld organization DarkSide as the source of the ransomware code used, and DarkSide subsequently claimed responsibilty for the attack. DarkSide operates as a “ransomware-as-a-service” cloud computing business.
Also: DarkSide explained: The ransomware group responsible for Colonial Pipeline cyberattack
Security firm FireEye has documented the nature of the DarkSide code based on a forensic analysis of the exploit, and groups that appear to have been participating in the attack uisng the code.
Also Wednesday, The White House announced U.S. President Joe Biden signed an executive order calling for a number of measures to “improve the nation’s cybersecurity and protect federal government networks.”