Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

"We are on the cusp of a global pandemic," said Christopher Krebs, the first director of the Cybersecurity and Infrastructure Security Agency, told Congress last week. The virus causing the pandemic isn't biological, however. It's software.

Why it matters: Crippling a major U.S. oil pipeline this weekend initially looked like an act of war — but it's now looking like an increasingly normal crime, bought off-the-shelf from a "ransomware as a service" provider known as DarkSide.

Driving the news: Colonial runs the largest refined products pipeline in the country, transporting over 100 million gallons per day. It was shut down on Friday in response to a ransomware attack, and will be reopened in "an incremental process" over the course of this week, per a corporate statement.

  • That's faster than the market expected — energy prices fell after the statement was released, after rising on the initial shutdown news.

The big picture: No company is safe from ransomware, and often the lines between criminals and state actors can be fuzzy. Preventing even bigger future attacks will require a so-far elusive degree of coordination between the public and private sectors in dozens — if not hundreds of countries.

  • Threat level: Very high. "Cybersecurity will be the issue of this decade in terms of how much worse it is going to get," IBM CEO Arvind Krishna told reporters Monday.
  • Currently, per Forrester analyst Allie Mellen, companies' main strategy is to pay up if hit — and to try to be slightly less vulnerable to attack than their competitors. "What do security pros do right now to lower their risk in the face of future ransomware attacks? Outrun the guy next to you,” Mellen says.

Between the lines: If anything, Colonial Pipeline was lucky that it is so important to the functioning of the American economy. Its systemic status helped to mobilize the full resources of the U.S. government, and even elicited an apology, of sorts, from DarkSide.

  • “Our goal is to make money and not creating problems for society," said the group in a statement on the dark web. "From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences.”

What they're saying: "There is no silver bullet for solving this challenge," concludes a major report on combating ransomware from the Institute for Security + Technology. "No single entity alone has the requisite resources, skills, capabilities, or authorities to significantly constrain this global criminal enterprise."

  • The fight will require the active involvement of the National Security Council, says the report, as well as much more regulation of cryptocurrency, which is invariably used to pay the ransom.
  • It will also require a major upgrade of technology systems at the state and local level, very few of which have been migrated to cloud-based systems that can try to keep one step ahead of the bad guys.

The bottom line: The Colonial Pipeline attack was so big that it couldn't help but make headlines. But most attacks are quietly paid off with no fanfare and no publicity, making it extremely difficult to gauge the true scale of the problem.

Go deeper

Ina Fried, author of Login
May 11, 2021 - Technology

Why companies and cities are such a juicy target for ransomware

Illustration: Sarah Grillo/Axios

Last weekend's ransomware attack on a major U.S. energy pipeline highlighted a growing dilemma facing U.S. companies and institutions: the more their processes go digital, the more vulnerable they are to malicious digital attacks.

Why it matters: The tech industry loves to talk up how the pandemic accelerated the pace of digital transformation, which it has. But that brings fresh risks from cyberattacks with a broad range of motivations — from hacker mischief to international espionage to financial profit, as appears to be the case with the new incident.

Updated May 10, 2021 - Energy & Environment

Colonial Pipeline aims to be "substantially" back online by end of week

Photo: Luke Sharrett/Bloomberg via Getty Images

The FBI confirmed in a statement Monday that a professional cybercriminal group called DarkSide was responsible for a ransomware attack on the Colonial Pipeline network, which provides roughly 45% of the fuel used on the East Coast.

The latest: President Biden said at a press briefing that there is no evidence so far to indicate that Russia was involved in the attack, although he plans to meet with Russian President Vladimir Putin soon. Officials previously said no countries are being blamed for the attack.

Updated May 8, 2021 - Energy & Environment

Ransomware attack forces shutdown of major U.S. fuel pipeline

A police officer stands guard inside the gate to the Colonial Pipeline Co. Pelham junction and tank farm in Pelham, Alabama, in 2016. Photo: Luke Sharrett/Bloomberg via Getty Images

A major U.S. fuel pipeline running from Texas to New York has been taken offline by its operator because of a ransomware attack, Colonial Pipeline said Saturday.

Why it matters: It's a significant breach of critical infrastructure and comes on the heels of multiple other major cyberattacks on both U.S. companies and the federal government.