The U.S. Department of Homeland Security (DHS) is leading a governmentwide response to the cyberattack that shuttered the largest fuel pipeline in the United States last week, sparking concerns about gasoline shortages.
Testifying before the Senate Appropriations Committee on Wednesday, DHS Secretary Alejandro Mayorkas said the Biden administration is considering invoking a range of emergency authorities to ensure that gasoline carried by ships reaches the regions adversely impacted by the Colonial Pipeline’s shutdown last Friday.
“We’re working at the direction of the president in an all-of-government way to address the cybersecurity threat that Colonial suffered and that other businesses and institutions across all our country all are vulnerable to,” Mayorkas said.
The Colonial Pipeline system was forced to shut down its entire network along the U.S. East Coast in the wake of a ransomware attack claimed by a cybercriminal gang known as DarkSide. Colonial said Wednesday afternoon it was restarting operations, but the company expects “it will take several days for the product delivery supply chain to return to normal.”
DarkSide first surfaced last August, and its creators and affiliates have since launched a global cybercrime spree in more than 15 countries, according to the cybersecurity firm FireEye. Anne Neuberger, deputy national security adviser for cyber and emerging technology, told reporters on Monday that the FBI has been tracking the group since at least October. U.S. intelligence agencies are investigating whether the gang has ties to the Russian government or other nation-states, Neuberger said.
The FBI says it does not advise paying a ransom to cybercriminals, and Colonial has not said whether it has made such a payment.
Mayorkas said the ransomware attack on the U.S. pipeline operator, which moves nearly half of the East Coast’s fuel, was of the type he had recently warned American business leaders about. This sort of high-stakes hacking, he added, “has galvanized, correctly, our attention.”
In April, the Justice Department set up a task force dedicated to combating ransomware, part of a broader Biden administration effort to counter cyberthreats. The task force coordinates governmentwide efforts to identify and disrupt ransomware attacks.
Deputy Attorney General Lisa Monaco told the recent Munich Cyber Security Conference that last year was the worst ever for ransomware attacks, with victims incurring billions of dollars in losses. She added that she had ordered a 120-day review of how the Justice Department tackles cybersecurity challenges.
Working with community organizations and law enforcement agencies, the rebranded center will ensure “our prevention efforts are grounded in an approach to violence prevention that leverages behavioral threat assessment and management tools and addresses early-risk factors that can lead to radicalization to violence,” Mayorkas said.
Mayorkas testified alongside Attorney General Merrick Garland on domestic violent extremism.