The incident was one of a series of wake-up calls about the growing threat hackers pose to the nation’s critical infrastructure. Ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, have hit thousands of businesses and hundreds of health care centers in the U.S. in the past year.

Questions remain about what steps companies or government officials should take to buttress defenses against cyberattacks.

WHEN WILL FUEL SUPPLIES GET BACK TO NORMAL?

Colonial restarted its pipeline late Wednesday, which means fuel is now running between refineries in Houston and Southeast states. But it will take a few days or weeks for everything to get back to normal.

Gas stations in the Southeast should be open for business and well supplied next week, but only if the pipeline operates as planned and consumers stop hoarding fuel, said Richard Joswick, global head of oil analytics at S&P Global Platts. When the panic passes, people will have full tanks and demand will drop, but “people have to be convinced that they don’t have to panic buy,” Joswick said.

There’s also the matter of getting fuel from the pipeline to the pumps.

Different types of fuel — including gasoline, jet fuel and diesel — are moved through the pipeline system, and they can’t all be flowing through the same pipes at the same time. One of the main arteries from Houston to North Carolina moves different grades of gasoline, sending a batch of premium grade followed by regular, Joswick explained.

Another artery transports diesel, jet and home-heating fuel. Then there’s a labyrinth of storage tanks and smaller pipelines that are loaded and unloaded with different types of fuel.

Trucks deliver fuel at different points along the way, but with a national trucker shortage, it isn’t easy for trucks to pick up all the slack.

“The supplies themselves really aren’t the issue, it’s more the transportation,” said Akshaya Jha, assistant professor of economics and public policy at Carnegie Mellon University. “It’s really going to be transportation bottleneck.”

Prices for gasoline have spiked in some areas, and were already on the rise heading into the busy summer driving season, but those local price hikes are isolated and not likely to last, experts say.

WHAT HAPPENS NEXT TO COLONIAL PIPELINE?

After the dust has settled, Congress is likely to call hearings to question Colonial Pipeline executives and cybersecurity experts to help figure out what went wrong and how events like this can be prevented in the future. An outside audit of Colonial’s information management practices three years ago found glaring problems.

The chairman of the Federal Energy Regulatory Commission, Richard Glick, said the government should create and enforce mandatory pipeline-security standards similar to those that have been required of the electricity sector for more than a decade.

And members of the House Energy Committee re-introduced bills this week aiming to strengthen the Department of Energy’s ability to respond to cybersecurity threats and to encourage more coordination between the federal government and utilities.

Some might want regulators to ease permitting procedures so that more pipelines can be built, to boost reliability of supply. But there may be reluctance to facilitate building alternate pipeline routes, since President Joe Biden has made it clear that he wants to transition away from fossil fuels as quickly as possible, in favor of clean energy such as wind and solar.

“There’s going to be that tradeoff between making the permitting process easier, on the one hand, in order to get these pipelines built and then, on the other hand, should we be building these pipelines at all if we want to move away from fossil fuels?” Jha said.

When proposals are made on the state or federal level to combat cybersecurity threats, it’s important to remember that one size does not fit all, said Drue Pearce, director of government affairs at Holland & Hart, and former deputy administrator of the Pipeline Hazardous Materials Safety Administration at the Department of Transportation. What fits the bigger players doesn’t necessarily work for smaller ones, so it’s difficult to write policies that work for everyone, she said.

Pipelines and other companies that transport hazardous materials “get an incredible number of hacking attempts on a daily basis, already,” Pearce said. ”You don’t know which ones are ransomware, you don’t know which one is a 13-year-old sitting at home wondering if he can break into this thing.”

WHAT IS THE BIDEN ADMINISTRATION DOING?

There’s been a lot of activity in the last month aimed at strengthening the country’s cyber-defenses, most notably an executive order signed by Biden on Wednesday that would require all federal agencies to use basic cybersecurity measures and mandate new security standards for software makers that contract with the federal government.

The order also establishes a cybersecurity safety review board, creates a pilot program rating system to evaluate the security of software and establishes what officials say will be a standardized playbook for cyber responses.

The executive order is meant to fix what a senior administration official on Wednesday described as a “laissez faire” approach to cybersecurity. It is also intended to address some of the vulnerabilities exposed by recent major breaches, including the SolarWinds intrusion in which Russian hackers compromised federal agencies by targeting the software supply chain.

The Justice Department, meanwhile, has created a task force with the FBI to deal with ransomware, and the administration says it is taking steps to protect critical industries like the energy sector.

WHO WAS RESPONSIBLE FOR THE HACK?

The FBI has linked the ransomware to a Russian-speaking criminal syndicate known as DarkSide that has been on investigators’ radar for months.

Biden said Thursday said that the administration does not believe the Russian government was involved in the attack but that “we do have strong reason to believe that the criminals who did the attack are living in Russia. That’s where it came from.” He said the administration has been in touch with Moscow about the need to take action against ransomware operators.

“And we’re also going to pursue a measure to disrupt their ability to operate,” he added.