The U.S. Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year.
The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator’s control room management (CRM) procedures from January through November 2020.
The PHMSA said that “a probable failure to adequately plan and prepare for manual shutdown and restart of its pipeline system […] contributed to the national impacts when the pipeline remained out of service after the May 2021 cyberattack.”
Colonial Pipeline, operator of the largest U.S. fuel pipeline, was forced to temporarily take its systems offline in the wake of a DarkSide ransomware attack in early May 2021, disrupting gas supply and prompting a regional emergency declaration across 17 states.
The incident also saw the company shelling out $4.4 million in ransom to the cybercrime syndicate to regain access to its computer network, although the U.S. government managed to recover a significant chunk of the digital funds paid.
“The pipeline shutdown impacted numerous refineries’ ability to move refined product, and supply shortages created wide-spread societal impacts long after the restart,” PHMSA said in a Notice of Probable Violation and Proposed Compliance Order.
“Colonial Pipeline’s ad-hoc approach toward consideration of a ‘manual restart’ created the potential for increased risks to the pipeline’s integrity as well as additional delays in restart, exacerbating the supply issues and societal impacts.”