Colonial Pipeline Co. operates the 5,500 mile Colonial Pipeline system taking fuel from the refineries of the Gulf Coast to the New York metro area. The attack appeared to involve ransomware, where the attacker seizes control of computer systems to demand a payoff.
"If supply is not restored in near future, what’s going to happen is you're going to have more demand for gasoline than supply, and it will drive the prices," Yury Dvorkin, assistant professor of electrical and computer engineering at the New York University Tandon School of Engineering, told FOX Business in an interview.
The pipeline transports more than 100 million gallons a day, or roughly 45% of fuel consumed on the East Coast, according to the company's website. It delivers fuels including gasoline, diesel, jet fuel and heating oil and serves U.S. military facilities.
"Gasoline is a market commodity, and the price determined by equilibrium of supply and demand. The result of this attack is now supply is limited, but demand keeps increasing because the economy keeps recovering. With every day coming, more Americans commute to work, more Americans reconvene normal economic activities so the demand increases as result."
Dvorkin said that if the pipeline is only shut down for a matter of hours or a couple days, the effect on gas prices would be minimal. But if the shutdown drags out, he said the effect on prices could be comparable to that of Hurricane Sandy.
It’s not yet clear who the attackers were, whether it was a state actor or a criminal group. But Dvorkin said this sort of "sophisticated attack" demonstrates that the attacker had capabilities "not available to ordinary citizens."
Dvorkin said he is leaning towars believing the attack was perpetrated by a nonstate actor since it was ransomware and the actor was motivated by a payoff. "In many cases when state actors execute such attacks they are not economically motivated," Dvorkin said.
The FBI, Department of Energy (DOE) and Cybersecurity and Infrastructure Security Agency (CISA) have all said they are working in collaboration with Colonial Pipeline to get to the bottom of the attack. A DOE spokesperson told FOX Business the department "is monitoring any potential impacts to energy supply."
FireEye Inc., a U.S.-based cybersecurity firm, is also investigating the attack, according to people familiar with the matter.
And as U.S. infrastructure increasingly relies on cyberspace, such attacks are expected to become more frequent.
Lawmakers used the attack to demand movement on the infrastructure debate raging on Capitol Hill.
"There's obviously much still to learn about how this attack happened, but we can be sure of two things: This is a play that will be run again, and we’re not adequately prepared," Sen. Ben Sasse, R-Neb., said in a statement. "If Congress is serious about an infrastructure package, at front and center should be the hardening of these critical sectors — rather than progressive wishlists masquerading as infrastructure."
Dvorkin said Friday’s shutdown of the pipeline was not a failure to identify the cyberattack but rather a failure of the capacity to isolate the component being targeted, leading to the shuttering of the entire pipeline.
Since much of energy infrastructure is owned and operated by the private sector, CISA on Saturday issued a warning to companies to take steps to bolster their cybersecurity measures.
"This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats," Eric Goldstein, CISA's Executive Assistant Director of the Cybersecurity Division, said in a statement to FOX Business.