The majority of U.S. refining capacity is on the Gulf Coast. Refineries there receive a combination of domestic and Canadian crude via pipeline, as well as waterborne imports from all over the world. The crude oil is converted into gasoline, diesel, jet fuel, and miscellaneous other products.
Of the 15 million barrels per day (BPD) of crude oil that U.S. refineries currently process, the Gulf Coast refines about 8.4 million BPD (56%). But that is a mismatch with regional demand for petroleum products.
Last year was a bit of anomaly in that Gulf Coast demand for petroleum products was actually greater than demand on the East Coast. But for most of the past decade, the East Coast was responsible for 5.5 to 5.9 million BPD of demand, and the Gulf Coast was responsible for 5.2 to 5.7 million BPD of demand.
Because refinery output is greater on the Gulf Coast than demand — and because East Coast refining capacity is only 4% of the U.S. total, the Colonial Pipeline serves to connect East Coast demand with Gulf Coast supplies.
The Colonial Pipeline originates in Houston and terminates at the Port of New York and New Jersey. It traverses the southeastern states of Louisiana, Mississippi, Alabama, Georgia, South Carolina, North Carolina, and Virginia, and continues north through Maryland, Delaware, Pennsylvania, and New Jersey.
The pipeline transports about 100 million gallons per day of gasoline, diesel and jet fuel, supplying about 45% of the fuel needs of ~50 million customers. The Colonial Pipeline is, without a doubt, the most important finished product pipeline in the U.S.
In 2016 the Colonial Pipeline was thrust into the national spotlight when a leak in Alabama spilled 252,000 gallons of gasoline. This resulted in a 12-day interruption in the pipeline’s service, and led to price surges all along the pipeline’s route.
The latest interruption to the Colonial Pipeline took place two weeks ago, when a ransomware attack forced a shut down of all pipeline operations. Bloomberg reported that the hackers behind the attack began to steal a large amount of data from the pipeline’s networks on Thursday, and then on Friday they locked the computers with ransomware and demanded payment.
The Cybersecurity and Infrastructure Security Agency (CISA), a standalone United States federal agency under Department of Homeland Security oversight, addressed the incident in a statement on Twitter:
“We are aware of the Colonial Pipeline ransomware incident. We are engaged with Colonial and our interagency partners regarding the situation. This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”
Commerce Secretary Gina Raimondo addressed the outage on CBS’s Face the Nation program: “We are working closely with the company, state and local officials, to make sure that they get back up to normal operations as quickly as possible and there aren’t disruptions in supply. It’s an all hands on deck effort right now.”
Colonial brought service back online after about a week, but panic-buying along the pipeline’s route caused gasoline shortages in many locations. But this was one of the most serious ransomware incidents to date, impacting tens of millions of people. It was a major national security incident, and it highlights the vulnerability of the nation’s infrastructure to these sorts of attacks.
Although this incident was serious, a shutdown of a large section of our power grid during a heat wave or winter storm could have far more deadly implications. It seems highly likely that this incident will lead to a response from the federal government to shore up protections of our critical infrastructure, and it puts more pressure on companies to ramp up their cybersecurity efforts.