Pipeline companies in the United States, on which the country depends for fuel supplies, will soon be required to pay closer attention to their network security.
In early May, hackers linked to the Russian criminal syndicate DarkSide orchestrated a ransomware attack on Colonial Pipeline, a Texas company whose pipeline system carries gasoline and jet fuel throughout the American Southeast. In response, Colonial immediately halted all of its pipeline operations and paid the nearly $5 million ransom in bitcoin. The hackers restored Colonial’s network operations, which then took several days to get back up to speed. The delay never amounted to an actual fuel shortage and could only have affected seven states, but panic-buying raised gas prices all over the country and caused temporary local shortages.
In response, the Transportation Security Administration issued a directive on May 27, 2021, requiring all pipeline companies to conduct an assessment of their own cybersecurity. They will also be required to maintain a cybersecurity coordinator at all times and to report any invasive network incidents immediately to the federal government. In addition, they will have to formally register a plan to identify and solve any gaps in their current security within 30 days.
“The evolution of ransomware attacks in the last 12-18 months has gotten to a point that it poses a national security risk and that we are concerned about the impact on national critical functions,” said an anonymous official from the Department of Homeland Security ahead of the official release of the directive.
“The Colonial Pipeline breach, in particular, was a wake-up call to many Americans about how malicious cyber actors, often backed by foreign states, can disrupt the U.S. economy and all of our lives,” said Representative Lucille Roybal-Allard, D-CA, chair of the House Appropriations Committee’s subcommittee for homeland security. The TSA’s directive came at the behest of the Biden Administration in cooperation with the subcommittee.