The FBI confirmed on Monday that criminal ransomware gang DarkSide is responsible for the cyberattack on the Colonial Pipeline network.
“The FBI confirms that the DarkSide ransomware is responsible for the compromise of the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation,” the FBI wrote in a statement.
Colonial Pipeline, which funnels refined gasoline and jet fuel from Texas to New York, announced on Friday that it was shuttering 5,500 miles of pipeline in an effort to contain the breach.
Additionally, the group said it halted all pipeline operations.
On Saturday, the Federal Motor Carrier Safety Administration issued a regional emergency declaration in 17 states and in Washington, D.C., in response to the shutdown of the pipeline, which supplies about 45 percent of fuel used by the East Coast.
The declaration lifted restrictions for motor carriers and drivers who are providing assistance to areas that are suffering a shortage of “gasoline, diesel, jet fuel, and other refined petroleum products.”
The confirmation from the FBI comes after The Associated Press reported on Sunday that the cyberattack had been traced back to DarkSide.
In a statement on Monday, Colonial Pipeline said the company is executing a plan that aims to substantially restore operational services by the end of this week.
“While this situation remains fluid and continues to evolve, the Colonial operations team is executing a plan that involves an incremental process that will facilitate a return to service in a phased approach. This plan is based on a number of factors with safety and compliance driving our operational decisions, and the goal of substantially restoring operational service by the end of the week. The Company will provide updates as restoration efforts progress,” the group said in a statement.