US President Joe Biden speak about the Covid-19 response and the vaccination program in the State Dining Room of the White House on May 4, 2021.
Nicholas Kamm | AFP | Getty Images
WASHINGTON — President Joe Biden on Thursday addressed the ransomware cyberattack on Colonial Pipeline, which has crippled gas delivery systems up and down the East Coast this week.
The company restarted operations Wednesday afternoon, but said the delivery schedule won’t return to normal for several days.
Biden Energy Secretary Jennifer Granholm tweeted Thursday morning that Colonial Pipeline’s restart “went well overnight,” and “this should mean things will return to normal by the end of the weekend.”
But gas analyst Patrick De Haan predicted that mid-Atlantic states could continue to see shortages at the gas pump for the next week, while supply catches up with demand.
Biden’s remarks come a day after the president signed an executive order mandating significant changes to government cybersecurity standards, aimed at strengthening the nation’s cyber defenses in critical sectors of the economy.
The president’s order creates more stringent reporting requirements for companies that are targeted by cyberattacks, like Colonial Pipeline, especially if the company interacts with government IT systems.
The order also calls on the federal government and private sector to work together to combat “persistent and increasingly sophisticated malicious cyber campaigns.”
The latest moves by the Biden administration represent what the White House says is a large-scale government mobilization to respond to the crisis, which began when Colonial Pipeline informed federal agencies last Friday that it had been the target of a ransomware attack.
The assault forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the nation’s East Coast fuel supply.
The attack on Colonial Pipeline has been traced back to a hacker group called the DarkSide, an organized group of hackers set up along the “ransomware as a service” business model. This means the DarkSide hackers develop and market ransomware hacking tools, and sell them to other criminals who then carry out attacks.
DarkSide is believed to operate out of Russia, but the White House has said it has no evidence so far that the attack was state-sponsored or directed by the Kremlin.
— CNBC’s Pippa Stevens contributed to this report.