Cyberattack continues to paralyze Colonial Pipeline

The FBI now says the hack that took one of the country's most crucial oil pipelines offline is linked to a gang of cybercriminals, potentially from Russia. The breach is paralyzing Colonial Pipeline, which supplies nearly half of all fuel on the East Coast.

Colonial Pipeline operates more than 5,500 miles of pipeline and transports over 100 million gallons of fuel a day from Texas up to New Jersey.

For millions of Americans, the biggest question is what the potential impact will be at the pump. So far, gas prices have jumped about 6 cents per gallon in the last week, AAA says. If the pipeline remains closed for longer, there are concerns it will get worse.

President Joe Biden said he has been briefed daily about the cyberattack.

"The FBI has determined Colonial's network was infected by ransomware," Biden said. "It's a criminal act."

Biden stopped short of directly blaming the Russian government but said if the crime originated inside Russia, the Kremlin should bear some responsibility.

Federal investigators attributed the cyberattack to an organization known as DarkSide, a group believed to be based in Russia or Eastern Europe.


"They have figured out how to commercialize and make a business out of cybercrime," Dr. Eric Cole, a cybersecurity expert, said. "They are very well organized."

Cole, the author of Cyber Crisis, said hackers likely broke into Colonial's system using a ransomware attack, possibly after an employee clicked on a bogus link. 


"Because with the pandemic, we now have so many more access points because everybody's working from home, most likely sent an email with a link that looked legitimate, somebody clicked on that attachment or opened that link, infected the computer, it then went over the network into their IT network," Cole said. "And this software is very smart. It knows how to navigate and go into the network, identify critical data. And then essentially, it's just automated software that just starts encrypting and holding all the information hostage and just wormed its way through the entire network."

But strangely, the DarkSide group issued a statement saying it didn't mean to create problems. The group just wanted the money.

"To me, this sounds very, very familiar to the mafia, in the 70s, and 80s," Cole said. "So I guess their intent was, 'You should just pay us millions of dollars immediately. And this isn't our fault, because Colonial is not paying the ransom. This is their fault, not ours,' which to me, is absurd to be coming from a criminal element."

For now, the Biden administration has relaxed rules on fuel being transported by road to minimize disruption to supply via the pipeline.

It is unclear whether Colonial is willing to pay or has already paid the ransom being demanded.