By Walter Elliott
ESSEX – While some “Local Talk” area motorists may see their gasoline prices settling down after Colonial Pipeline’s owners had resolved its May 5-12 computer hacking attack, its effects may last well beyond the prices at the pumps.
The American Automobile Association-Northeast, among those who track gasoline prices, found the average gallon of regular unleaded gasoline peaking to a $3.07 statewide average as of May 17. This is a nickel up from May 10’s $3.02 average and $1.07 up from May 17, 2019.
AAA-Northeast, on May 10, listed Essex County as second to Bergen County with the highest average gas prices among New Jersey’s 21 counties.
Colonial Pipeline officials, after reopening their 5,500 mains between Texas refineries and its Linden, N.J. terminus 5 p.m. May 12, said that the gasoline, heating oil and kerosene-jet fuel supplies will “take several days” to flow back to normal levels.
CP, from its Alpharetta, Ga. headquarters, closed the pipeline in response to a ransomware attack from a group called DarkSide May 7. It serves 10 Northeast, Mid-Atlantic, Southeast and Gulf Coast states with 45 percent of its gasoline.
New Jersey motorists have noticed the price hikes but may have been spared the panic buying shortages that hit Virginia, the Carolinas, Georgia and – despite not being served by CP – central Florida.
Some 12,000 Southeastern gas stations said they had run out by May 10. Those that remained open had waiting lines reminiscent of the fuel shortages of the 1970s. Several customers were seen filling plastic storage containers and single use plastic bags with gasoline – prompting officials to warn them to use approved motor fuel containers only.
Governors in Florida, Georgia, the Carolinas and Virginia declared states of emergency. Charlotte, N.C. officials suspended non-essential city motor pool use; the regional transit carrier suspended fare collection since May 11.
New Jersey and Delaware were spared the brunt in part because their refineries were able to receive crude oil from nearby seaports and/or were trucked in. Trucking association representatives noted, however, that the tanker truck industry is running with 10 percent fewer drives since before the COVID-19 pandemic.
While CP officials and their IT technicians strived to work around and harden their pipeline control system, President Joseph Biden signed an executive order waiving truck drivers’ work rules and hours. Foreign flag sea tankers were temporarily allowed to ship crude oil between U.S. ports.
Colonial CEO Joseph Blount was meanwhile faced with a dilemma a growing number of executives had before in recent times: pay the hackers their ransom or try to “hack back” their computer control system.
Blount, in a May 19 interview, more than confirmed a rumor that he paid DarkSide $4.4 million in ransom.
“I didn’t make it lightly; I admit that I wasn’t comfortable seeing money go out the door to people like this,” said Blount Wednesday morning. “But it was the right thing to do for this country.”
Blount – in consultations with federal law enforcement and IT professionals – had determined that DarkSide was a “black hat” hacking group.
Black hat hackers will break through a victim’s computer system with damage a forethought. They will at least attempt to disrupt a victim’s operations. Some, like DarkSide, will demand ransom under threat of releasing stolen files. Those files may or may not contain customers’ Social Security numbers or other sensitive information.
Readers may recall, for example, that some of Newark City Hall’s desktop computers were disabled by a computer encryption virus with ransomware April 24-27, 2017. The hackers demanded a 1.7 Bitcoin “fee,” or up to 24 Bitcoins, to unlock and free the software.
Those computers not hit by the Bitcoin ransomware went into “safe mode” until the matter was resolved.
DarkSide, which has been operating since August, is not a “white hat” hacking operation. White hat hackers are individuals who will break into a computer system and then tell its host, “See how easily vulnerable your system is?”
DarkSide, in its statements, have tried to pass themselves off as a “Grey hat” operation – that they will not invade medical or educational institutions’ software.
This group is grey in terms of its host. DarkSide operates from Russia. It is not clear whether it operates independently of the Russian government or has consent or support from the Kremlin.
It is believed that some hacking individuals or groups either work as subcontractors or directly for governments like Russia, mainland China and North Korea.
The FBI has consistently advised victims not to pay ransom; doing so would support the trade in stolen computer data information.
Blount, Wednesday morning, has not said how much CP will also be paying in restoration and hardening costs – which is estimated in the tens of millions of dollars. The CP CEO added that the company will be unable to bill its customers until that part of the system has returned.
CP’s experience has other executives, law enforcers and IT technicians redouble their system rehardening.
As for gas prices substantially subsiding, don’t hold your breath.
The CP hack came three weeks before the May 28-31 Memorial Day weekend. The weekend, also the unofficial start of summer, starts a traditional supply-versus-demand hike. AAA-Northeast anticipates some 40 million Americans on the road that weekend for 50 or more miles from home – a nine percent increase over last year’s “Pandemic Summer.”
There is also refineries’ annual June switch from a wintertime gasoline blend to a summer blend. There also has been a six-month price incline trend.
