US issues emergency declaration following Colonial Pipeline ransomware incident, relaxing transport rules

The 'regional emergency declaration” is meant to alleviate any disruptions to supply following the incident at Colonial Pipeline.
Getty Images

After a ransomware attack hampered one of the largest pipeline operators in the U.S., the Transportation Department on Sunday issued an emergency directive allowing drivers in 17 states and the District of Columbia to work longer hours to transport fuel.

The “regional emergency declaration” is meant to alleviate any disruptions to supply following the security incident at Colonial Pipeline, which the company revealed Friday. While the Georgia-based company normally delivers more than 100 million gallons of gas, diesel and other products daily to customers from Texas to New York, according to its website, the ransomware infection forced a temporary halt to its operations. Colonial Pipeline says it transports some 45% of all fuel consumed on the East Coast.

The Transportation Department’s declaration means that truckers carrying gasoline, diesel, jet fuel and other refined petroleum products are temporarily exempt from laws restricting the amount of time they are allowed to be on the road. It applies to a swath of states in the South and on the East Coast, from Texas to Georgia to New York.

Colonial Pipeline personnel worked over the weekend to try to gradually restore pipeline operations as the incident attracted international attention. A large part of those operations still appeared to be down by Sunday evening.


“While our mainlines … remain offline, some smaller lateral lines between terminals and delivery points are now operational,” the company said in a statement on Sunday evening. “We are in the process of restoring service to other laterals and will bring our full system back online only when we believe it is safe to do so, and in full compliance with the approval of all federal regulations.”

President Joe Biden was briefed on the ransomware attack on Saturday morning, according to a White House spokesperson. The White House created an interagency working group over the weekend to consider what impact the hack might have on fuel supply, a White House official said.

Officials at the Department of Energy — the lead agency for handling the incident — have been worked to address the situation. Officials are used to scenarios like this because of hurricanes and other natural disasters, according to one person familiar with the response who spoke on the condition of anonymity to describe internal deliberations. It’s an energy resilience exercise, but with a cybersecurity element, the person added.

The Colonial Pipeline disruption is the third major cybersecurity incident confronting the Biden administration in its first few months, following the hack of software made by SolarWinds and the exploitation of Microsoft Exchange Server vulnerabilities.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts