A ransomware attack has halted most operations at Atlanta’s Colonial Pipeline, one of the largest fuel transport systems in the United States.
Alpharetta-based Colonial, whose 5,500-mile pipeline system runs from Texas to New Jersey, says it discovered the cyber attack on May 7 and temporarily halted all pipeline operations. In a ransomware attack, hackers infiltrate an organization’s computers and block access or threaten to publish private information unless a ransom is paid.
As of Sunday evening, Colonial said its main pipelines remained offline, but some smaller lateral lines between terminals and delivery points are now operational, the company said.
Colonial is the fifth major metro Atlanta-based company known to be hit by ransomware attacks in the past year. Carrollton, Ga.-based cable manufacturing giant Southwire Co. was attacked in December 2019. SiteOne Landscape Supply Inc. (NYSE: SITE) was hit last July. Then in November 2020, cold-storage giant Americold Realty Trust (NYSE: COLD) reported it was hit with a cybersecurity incident without specifying it was ransomware. Container giant WestRock Co. (NYSE: WRK) was hit in January.
The impact of ransomware attacks varies, and most major companies carry insurance to help pay the costs of attacks.
Americold, which operates more than 200 temperature-controlled warehouses, reported that while it incurred costs to deal with its attack, the attack did not have a significant impact on its operations.
WestRock estimates the impact of the lost sales and operational disruption on its operations in the second quarter of fiscal 2021 to be approximately $50 million, as well as approximately $20 million of ransomware recovery costs, primarily professional fees. The company says it expects to make a total insurance claim of approximately $75 million, and expects to recover substantially all of the ransomware losses from cyber and business interruption insurance.
WestRock noted that it is making information technology investments that it had planned to make in future periods to further strengthen its information security infrastructure, and has engaged a leading cybersecurity defense firm that completed a forensics investigation of the ransomware incident. “We are taking appropriate actions in response to the findings,” the company said.