MIAMI – A major fuel pipeline in the US was shut down by a cyberattack last week, forcing US carriers to find alternatives to fuel their flights.

The plant, which is owned by Colonial Pipeline of Houston, supplies 45% of the fuel on the East Coast of the United States and serves seven airports directly.

According to the company, its system is the largest in the US, covering more than 5,500 miles and transporting more than 100 million gallons of fuel every day. The company’s slogan reads, “America’s Energy Lifeline.”

After discovering the hack, the company, which operates pipelines for oil, jet fuel, and other refined petroleum products, suspended operations, stating that it “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”

“By the end of the week,” the company said, it hopes to “substantially restore operational service.”

Image: Colonial Pipeline of Houston

Airports Affected

According to Andy Lipow, chairman of the consulting company Lipow Oil Associates, airports in Baltimore, Atlanta, Charlotte, and Nashville have between four and five days of fuel reserve.

Atlanta’s Hartsfield-Jackson International Airport (ATL), the now second-busiest airport in the world, said it was searching for new fuel suppliers. According to ATL, operations are unaffected as of yet.

In a statement, an airport spokeswoman said that ATL and its airline partners were in close contact with fuel suppliers and taking measures to minimize any effect the Colonial incident might have. “Currently, ATL is coordinating with additional suppliers to augment the airport’s fuel inventory.”

American AirlinesN929AA Airbus A321-231(WL). Photo: Andrew Henderson/Airways

Airlines Affected

American Airlines (AA) was forced to add refueling stopovers to two of its regular routes due to the pipeline shutdown. A flight from Charlotte Douglas Airport (CLT) to Honolulu International Airport (HNL) is normally nonstop, but it must stop at Dallas-Fort Worth International (DFW), which has unaffected fuel supplies. Passengers were then moved to another aircraft.

For the same cause, another flight from Charlotte to London Heathrow Airport (LHR) will land at Boston Logan International Airport (BOS). From May 15, 2021, the two regular flights should be direct once more. Southwest (WN) and United Airlines (UA) also confirmed that they had not yet been affected, although Delta Air Lines (DL) declined to comment.

Delta Air Lines N303DU Airbus A220-300. Photo: Mateo Skinner/Airways

Why the Attack

The FBI traced the cyberattack back to an agency named DarkSide on May 10, 2021. The latter admitted to being involved, saying it did so in exchange for a ransom. “Our goal is to make money, not creating problems for society,” DarkSide said in a statement.

In the cyberattack, hackers encrypted the company’s computer data with ransomware, a form of malware, holding it hostage until a ransom is paid. In addition, the attackers steal the data and threaten to publish it in what is basically a double extortion scheme.

A Department of Transportation (DoT) agency posted a regional emergency declaration for 18 states and Washington, DC, “in response to the unanticipated shutdown of the Colonial pipeline system due to network issues that affect the supply of gasoline, diesel, jet fuel, and other refined petroleum products throughout the Affected States.” The declaration is designed to keep the fuel supply on the East Coast flowing.

North CarolinaSouth Carolina and Virginia have also declared states of emergency.

Featured image: Fueling an aircraft. Photo: Jebulon, CC0, via Wikimedia Commons