The US government issued emergency legislation on Sunday after the largest fuel pipeline in the US was hit by a ransomware cyber-attack. The Colonial Pipeline carries 2.5 million barrels a day - 45% of the East Coast's supply of diesel, gasoline and jet fuel.
It was completely knocked offline by a cyber-criminal gang on Friday and is still working to restore service. The emergency status enables fuel to be transported by road.
A total of 18 states have been granted a temporary hours of service waiver for transporting gasoline, diesel, jet fuel and other refined petroleum products.
They are Alabama, Arkansas, District of Columbia, Delaware, Florida, Georgia, Kentucky, Louisiana, Maryland, Mississippi, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.
Experts say fuel prices are likely to rise 2-3% on Monday, but the impact will be far worse if it goes on for much longer.
Independent oil market analyst Gaurav Sharma told the BBC there is a lot of fuel now stranded at refineries in Texas. "Unless they sort it out by Tuesday, they're in big trouble," said Mr Sharma. "The first areas to be impacted would be Atlanta and Tennessee, then the domino effect goes up to New York."
He said oil futures traders were now "scrambling" to meet demand, at a time when US inventories are declining, and demand - especially for vehicular fuels - is on the rise as consumers return to the roads and the US economy attempts to shake off the effects of the pandemic.
While DarkSide is not the largest such gang in this space, the incident highlights the increasing risk ransomware is posing to critical national industrial infrastructure, not just businesses.
It also marks the rise of an insidious criminal IT eco-system worth tens of millions of pounds [dollars], that is unlike anything the cyber-security industry has ever seen before. In addition to a notice on their computer screens, victims of a DarkSide attack receive an information pack informing them that their computers and servers are encrypted.
The gang lists all the types of data it has stolen, and sends victims the URL of a "personal leak page" where the data is already loaded, waiting to be automatically published, should the company or organisation not pay before the deadline is up. DarkSide also tells victims it will provide proof of the data it has obtained, and is prepared to delete all of it from the victim's network.
According to Digital Shadows, a London-based cyber-security firm that tracks global cyber-criminal groups to help enterprises limit their exposure online, DarkSide operates like a business.
Digital Shadows thinks the Colonial Pipeline cyber-attack has come about due to the coronavirus pandemic - the rise of engineers remotely accessing control systems for the pipeline from home.
James Chappell, co-founder and chief innovation officer at Digital Shadows, believes DarkSide bought account login details relating to remote desktop software like TeamViewer and Microsoft Remote Desktop.
Mr Chappell added that Digital Shadows' research showed the cyber-criminal gang is likely based in a Russian-speaking country, as it seems to avoid attacking companies in the Commonwealth of Independent States - an organisation of the countries of Russia, Ukraine, Belarus, Georgia, Armenia, Moldova, Azerbaijan, Kazakhstan, Kyrgyzstan, Tajikistan, Turkmenistan and Uzbekistan.
https://www.bbc.com/news/business-57050690
"Everyone is entitled to their own opinion, but not their own facts." - Daniel Patrick Moynihan