The majority of gas stations in the United States capital Washington D.C. have now run out of fuel, days after a major cyberattack forced the nation's largest gasoline pipeline offline.
According to tracking service GasBuddy.com, around 88% of gas stations were out of fuel in Washington D.C. on Friday.
This was despite Georgia-based Colonial Pipeline saying on Thursday that it was making "substantial progress" in restoring operations.
Gasoline deliveries were being made in all of its markets but it would take "several days" to return to normal, Colonial stated.
Energy Secretary Jennifer Granholm pleaded with drivers not to hoard fuel.
"Really, the gasoline is coming,'' she said. "If you take more than what you need, it becomes a self-fulfilling prophecy in terms of the shortages," she said.
How the cyberattack unfolded
Hacker group DarkSide is thought to have targeted the pipeline on May 7.
The hackers did not take control of the pipeline's operations, but Colonial shut it down to prevent the malware from impacting its industrial control systems.
Multiple sources reported that the company had paid the criminals a ransom of nearly $5 million (€4.1 million) in cryptocurrency for a software decryption key required to unscramble their data network.
DarkSide allegedly stole information from Colonial's network prior to the attack. What the group stole is unclear and Colonial has not yet said what this might be.
Widespread gas pump shortages continue
The Colonial Pipeline stretches from Texas to New Jersey and delivers about 45% of the gasoline consumed on the East Coast.
The shutdown has caused shortages at the pumps throughout the country's south in addition to the Washington, D.C. area.
On Friday, around 45% of gas stations were out in Virginia and 39% of Maryland stations were dry. About 65% of stations were without gas in North Carolina, and nearly half were tapped out in Georgia and South Carolina.
What is DarkSide?
Cybersecurity experts said that DarkSide is a group that rents out its ransomware to partners to carry out the actual attacks.
President Joe Biden said US officials "have strong reason to believe that the criminals who did the attack are living in Russia." But he said he did not think that the Russian government was behind the attack.
Biden has promised aggressive action against those responsible.
DarkSide's public-facing darknet site went offline on Thursday. Its operators said in a cybercriminal forum post that the group had lost access to it and would be shutting down.
The group said it had hacked four other companies, including a Toshiba subsidiary in Germany.
Cyberattacks on US critical infrastructure
It is the latest cyberattack targeting US critical infrastructure. At the end of 2020, a large-scale cyberattack, named "Sunburst," infiltrated parts of the US government. This included the National Nuclear Security Administration (NNSA), part of the Department of Energy, confirmed that it had fallen victim to the attack. The NNSA is responsible for US nuclear weapons.
kmm/mm (AFP, AP, Reuters)