On May 7, 2021, the Colonial Pipeline Company proactively shut down its pipeline system in response to a ransomware attack. On May 13, 2021, Colonial Pipeline announced the company restarted their entire pipeline system and product delivery commenced to all markets.
During the Colonial Pipeline incident, the Department of Energy (DOE) Energy Response Organization was activated to coordinate with industry, interagency, and state partners, providing situational awareness, analysis of impacts, and supporting response efforts. DOE coordinated a whole-of-government response to help support Colonial resume operations quickly and safely, while moving fuel supplies to impacted areas to mitigate impacts to consumers.
Resources
- Watch a video messagefrom Department of Energy Secretary, Jennifer Granholm.
- Watch a video messagefrom Department of Energy Deputy Secretary, David Turk.
- Read the White House fact sheet on Biden-Harris Administration’s all-of-government effort to address Colonial Pipeline incident.
- Read remarks by Secretary of Energy Jennifer Granholm and Secretary of Homeland Security Alejandro Mayorkas at the May 11, 2021 White House press briefing.
Federal Agency Actions
Federal Bureau of Investigation
On May 11, 2021, CISA and the Federal Bureau of Investigation have released a Joint Cybersecurity Advisory on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure company.
Department of Transportation
On May 11, 2021, DOT announced additional help for states in areas affected by the cyberattack on the Colonial Pipeline. The White House and DOT determined that previous declarations of “major disaster” issued by the President within the past 120 days allow States covered by those declarations to use Interstate highways in their State to transport overweight loads of gasoline and other fuels.
On May 11, 2021, DOT outlined ongoing efforts to help mitigate potential impacts of the Colonial Pipeline disruption.
U.S. Department of Transportation Federal Motor Carrier Safety Administration
On May 12, 2021, DOT's Federal Motor Carrier Safety Administration announces additional measures to help states in areas affected by the Colonial Pipeline incident.
On May 12, 2021, DOT's Federal Motor Carrier Safety Administration and Federal Highway Administration issued question and answers on the Colonial Pipeline emergency.
On May 11, 2021, DOT detailed ongoing efforts to help mitigate potential impacts of the Colonial Pipeline disruption, including efforts by the Maritime Administration, the Federal Railroad Administration, the Federal Highways Administration, and the Pipeline and Hazardous Materials Safety Administration, and announced the Federal Motor Carrier Safety Administration added West Virginia to the list of states covered in the temporary hours of service exemption.
On May 9, 2021, DOT's Federal Motor Carrier Administration issued temporary hours of service exemption in response to the unanticipated shutdown of the Colonial Pipeline.
Department of Transportation Pipeline and Hazardous Materials Safety Administration
Federal Energy Regulatory Commission
Environmental Protection Agency
On May 11, 2021, EPA issued a second emergency fuel waiver that waives the requirements for low volatility conventional gasoline and Reformulated Gasoline (RFG) for the District of Columbia and areas of Maryland, Pennsylvania and Virginia, and also includes Alabama, Delaware, Georgia, Specific Counties of Florida, Louisiana, Mississippi, North Carolina, South Carolina, and Tennessee.
On May 11, 2021, EPA issued an emergency waiver of the low volatility Reformulated Gasoline requirements in RFG Covered Areas in District of Columbia, Maryland, Pennsylvania, and Virginia.
Department of Homeland Security
On May 12, 2021, the Secretary of Homeland Security Alejandro Mayorkas announced Department of Homeland Security’s approval of a temporary and targeted Jones Act Waiver in response to eastern seaboard oil supply constraints.
On May 11, 2021, CISA and the Federal Bureau of Investigation have released a Joint Cybersecurity Advisory on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure company.