A cyberattack has prompted a company that operates a major energy pipeline in the U.S. to shut down operations.
The Colonial Pipeline Company said in a statement it learned on Friday that it was the victim of a cybersecurity attack, and so “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems.”
The breach appears to be an attack on the nation’s critical energy infrastructure.
The company describes its pipeline as “the largest refined products pipeline in the United States,” and says it transports more than 100 million gallons of fuel through a pipeline system spanning 5,500 miles between Texas and New Jersey.
“Upon learning of the issue, a leading, third-party cybersecurity firm was engaged, and they have already launched an investigation into the nature and scope of this incident, which is ongoing,” the company said in its statement. “We have contacted law enforcement and other federal agencies.”
It said it is taking steps to understand and resolve the issue and its primary focus is the safe and efficient restoration of service “and our efforts to return to normal operation.”
It’s unclear who is behind the attack. Details of the incident are unclear.
The FBI leads investigations on cyberattack incidents, but infrastructure such as the pipeline is the responsibility of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. The FBI and CISA have not yet returned requests for comment.
The attack comes after the Biden administrationagainst Russia last month in retaliation for recent incursions including the . The SolarWinds intrusion that initially gave cyber criminals access to 18,000 government and private computer networks, though a much smaller number were the actual targets of espionage, according to CISA.
Cybersecurity experts have recently called on the Biden administration and Congress to shore up the nation’s digital infrastructure.
“It’s clear that we’re in the midst of a new normal of cyber enabled malicious activity. The status quo costs American businesses and government agencies hundreds of billions of dollars a year in lost productivity, fraud, and disrupted operations,” former CISA director Christopher Krebs and former senior cybersecurity adviser at CISA Matthew Masterson said in an April op-ed in The Hill. “Congress needs to pass a comprehensive digital infrastructure investment bill that authorizes and funds grants to state and local agencies to modernize their technology platforms and obtain the support they need to manage those systems, and safeguard against cyber attacks like ransomware.”