S.C. under FMCSA emergency declaration following DarkSide hack

Listen to this article

After a ransomware attack on Colonial Pipeline Co. halted all operations at the Georgia-based pipeline, South Carolina and 16 other states were placed under a “regional emergency declaration” calling for an immediate transport of gasoline, diesel and jet fuel to mitigate an impending shortage.

“Such emergency is in response to the unanticipated shutdown of the Colonial pipeline system due to network issues that affect the supply of gasoline, diesel, jet fuel and other refined petroleum products throughout the affected states,” the May 9 declaration from the Federal Motor Carrier Safety Administration said.

States and territories impacted by Colonial Pipeline’s decision to go offline include Alabama, Arkansas, the District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, Tennessee, Texas and Virginia, according to the declaration.

The declaration grants commercial transport fleets bringing fossil fuels to impacted states an exemption from hours-of-service requirements under the Parts 390 through 399 of Title 49 Code of Federal Regulations until June 8 or the “end of the emergency,” according to a news release. The declaration waives a mandated 10-hour break after truck drivers have reached driving limits.

“We continue to evaluate product inventory in storage tanks at our facilities and others along our system and are working with our shippers to move this product to terminals for local delivery,” Colonial Pipeline said in a noon statement today. “Actions taken by the federal government to issue a temporary hours of service exemption for motor carriers and drivers transporting refined products across Colonial’s footprint should help alleviate local supply disruptions.”

The company said that segments of the pipeline have returned online with aid but added that “restoring our network to normal operations is a process that requires the diligent remediation of our systems, and this takes time.”

A few minutes after noon, the Federal Bureau of Investigation confirmed the ransomware group Darkside was responsible for the attack.

The groups could be linked to a former Soviet republic as it seems to spare Russian, Kazakh and Ukrainian-speaking companies from attacks, according to a report from Reuters. DarkSide’s site on the dark web proports to have cashed in millions from extortion and features a “Hall of Shame” gallery of stolen documents from 80 companies across the U.S. and Europe.

Following the May 7 attack, Colonial Pipeline hired a third-party cybersecurity firm and contacted several federal agencies including the U.S. Department of Energy, which is leading the response, according to the release. As of Sunday at 5 p.m., all four main lines remained offline.