### Fuel Stopped at $40 Million--Colonial Pipeline Incident and Modern Cyber Warfare (2021)

### Fuel Stopped at $40 Million--Colonial Pipeline Incident and Modern Cyber Warfare (2021)

In May 2021, Colonial Pipeline, one of the largest fuel supply networks in the United States, was attacked by the Russian ransomware group DarkSide, which shut down its operations completely. This was a notable incident in the history of U.S. cybersecurity, with a ransom of approximately $4.4 million (about $480 million at the time) paid.

The attack was also an incident that visualized how digitally dependent our supply chains and daily lives are. The manner in which IT vulnerabilities were exploited during the pandemic was more than just a corporate attack; it had the appearance of a "new war" that threatened the nation's fuel supply itself. In fact, after the pipeline was shut down, lines formed at gas stations on the East Coast of the United States, causing panic buying. Confusion also spread to the airline industry and logistics.

In the background, ransomware has become a service (RaaS), and there is a growing black market in which the roles of criminal and customer are divided. This model has lowered the technical hurdles for attackers and encouraged them to diversify their targets; DarkSide took the unusual step of issuing an apology after the crime, claiming that the attack "caused undue social disruption," but the gravity of the situation remained the same.

The incident prompted the Biden administration to position cyberattacks against national infrastructure as a "strategic threat" and to strengthen federal-led countermeasures, and the FBI later launched a counterattack by seizing some virtual currency, bringing to the surface the battle between the government and criminals in cyberspace.
The "$4.4 million payment" was not just a ransom, but the price of time paid on the front lines of cyber warfare.