Gasoline shortages have spread from the southern United States to the U.S. capital as a large pipeline works to recover from a cyberattack that U.S. officials say originated in Russia.
The pipeline's owner said on May 14 that it was making progress in restoring full service and ramping up deliveries of gasoline and other fuels. But the company, Colonial Pipeline, expects it will take a few more days to recover from the most disruptive cyberattack on U.S. energy infrastructure.
Gasoline station outages in Washington climbed to 88 percent from 79 percent the day before, tracking firm GasBuddy said.
About 65 percent of gas stations in North Carolina were without fuel, while in Virginia, South Carolina, and Georgia just under 50 percent were empty, GasBuddy said.
Most of the areas experiencing outages have seen panic buying, GasBuddy added.
Colonial Pipeline announced on May 13 that it had restarted its entire pipeline system linking refineries on the Gulf Coast of Texas to markets along the U.S. East Coast.
Energy Secretary Jennifer Granholm said despite the current number of gasoline stations that are out, the nation is "over the hump" on gas shortages and service should return to normal in most areas by the end of the weekend.
"It’s still going to work its way through the system over the next few days, but we should be back to normal fairly soon,'' Granholm said in an interview with the Associated Press.
President Joe Biden also said supplies should start returning to normal by this weekend.
Biden said his administration would seek to put the responsible Russian-speaking ransomware syndicate out of business.
Biden has said he intends to speak directly to Russian President Vladimir Putin about Russia’s harboring of ransomware criminals who caused tens of billions of dollars in damages in Western countries in the past year.
The darknet site of the hacking group blamed for the attack, DarkSide, has gone offline, and its operators said in a cybercriminal forum post that the site would be shutting down, the Associated Press reported.
This could indicate that DarkSide, which rents out its ransomware to partners to carry out the actual attacks, could have taken the site down to prevent Western law enforcement agencies from tracking the rest of its infrastructure, cybersecurity experts said.
In a ransomware cyberattack, hackers lock up computer systems and demand a ransom for the key needed to access the data network again.
Colonial Pipeline, which first reported the cyberattack on May 8, paid a ransom of nearly $5 million in cryptocurrency for the key, according to multiple sources quoted by U.S. news media.
Colonial Pipeline has not disclosed how much money the hackers were seeking or whether it paid.
The FBI advises against paying ransoms because it only encourages ransomware attacks. But many victims opt to pay to get access to their computer data again.
U.S. lawmakers members reintroduced legislation on May 14 to support efforts by the Department of Homeland Security to secure pipelines and pipeline facilities from cyberattacks.