Service at gas pumps should be ‘normal’ by end of weekend after Colonial Pipeline attack, Granholm says

Colonial Pipeline, the company hit last week in a cyberattack that forced a shutdown of the nation’s largest gasoline pipeline, said its pipeline system has returned to normal operations and is delivering millions of gallons per hour. 

However, the company said it will take several days for delivery to return to normal

"Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during this start-up period," the company wrote on Twitter. 

"Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal."

The company said those markets include Texas, Louisiana, Mississippi, Alabama, Tennessee, Georgia, South Carolina, North Carolina, Virginia, Maryland, Washington, D.C., Delaware, Pennsylvania and New Jersey. 

RELATED: Colonial Pipeline restores full service, return to normal will take ‘several days’

The Colonial Pipeline stretches from Texas to New Jersey and delivers about 45% of the gasoline consumed on the East Coast. The shutdown has caused shortages at the pumps throughout the South and emptied stations in the Washington, D.C., area.

A cyberattack by hackers who lock up computer systems and demand a ransom to release them hit the Colonial Pipeline on May 7. The hackers didn’t take control of pipeline operations, but the Georgia-based company shut it down to prevent malware from affecting industrial control systems.

As Colonial reported making "substantial progress" Friday in restoring full service, two people briefed on the matter confirmed the company had paid a ransom of about $5 million.

Also on Saturday, Energy Secretary Jennifer Granholm said the nation is "over the hump" on gas shortages and that service should return to normal in most areas by the end of the weekend.

"The good news is that ... gas station outages are down about 12% from the peak" as of Friday afternoon, with about 200 stations returning to service every hour, she said. "It’s still going to work its way through the system over the next few days, but we should be back to normal fairly soon.''

Granholm, like other Biden administration officials, urged drivers not to panic or hoard gasoline.

"Really, the gasoline is coming,'' she said. "If you take more than what you need, it becomes a self-fulfilling prophecy in terms of the shortages. Let’s share a little bit with our neighbors and everybody should know that it’s going to be okay in the next few days.''

Granholm's agency is leading the federal response to the ransomware attack. She said the incident shows the vulnerability not only of U.S. infrastructure, but also personal computers. Her 86-year-old mother recently suffered a ransomware attack on her iPad, Granholm said.

"So it’s just happening everywhere,'' she said. "All these cybercriminals see an opportunity in the cloud and in our connectivity. And so we all have to be very vigilant. That means we’ve got to have security systems on our devices and individually we shouldn’t be clicking on any email with attachments from people you don’t know. I mean it’s just around us.''

Biden signed an executive order on cybersecurity this week, and the Energy Department and other agencies are working to protect critical infrastructure, she said.

Much of the U.S. pipeline infrastructure, like Colonial, is privately owned. The chairman of the Federal Energy Regulatory Commission, which oversees interstate pipelines, said this week that the U.S. should establish mandatory cybersecurity standards for pipelines similar to those in the electricity sector.

"Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors,'' said FERC Chairman Richard Glick.

RELATED: Colonial Pipeline sought a cyber-security manager months before hack

"We definitely have to look at it," Granholm said Friday, adding that pipeline organizations have voluntary standards. "Even though it may be privately owned, the public uses it. So I think we have to look at that, making sure that they abide by the latest and greatest.''

John Stoody, a spokesman for the Association of Oil Pipe Lines, declined to comment on Glick's proposal. The industry historically has opposed government mandates on cybersecurity.

The ransomware attack should play a role as Congress considers Biden's $2.3 trillion infrastructure proposal, Granholm said.

"Obviously pipelines should be considered part of that,'' she said. "Cybersecurity should be considered part of that. Energy infrastructure, including transmission grids, should be part of that. We need to upgrade across the board, and hopefully there will be some interest in a bipartisan fashion to see an upgrade in the nation’s infrastructure.''

This story was reported from Detroit. The Associated Press contributed