The Department of Homeland Security will issue new cybersecurity regulations on fuel and oil pipelines to prevent future cyber attacks like the one that crippled the Colonial Pipeline, senior DHS officials told the Washington Post.
Why it matters: The new directives on pipelines demonstrate the significance of the Colonial breach, since only a few vital infrastructure sectors — like bulk electric power and nuclear plants — have to follow federal cybersecurity regulations in event of an attack.
Details: The new regulations will be issued by the Transportation Security Administration (TSA), which is a part of DHS and handles pipeline security.
Companies that manage pipelines will have to immediately report to TSA and the Cybersecurity and Infrastructure Security Agency if they are targeted by a cyber attack, according to the Post.
What they’re saying: “The Biden administration is taking further action to better secure our nation’s critical infrastructure,” DHS spokeswoman Sarah Peck told the Post in a statement.
“TSA, in close collaboration with [the Cybersecurity and Infrastructure Security Agency], is coordinating with companies in the pipeline sector to ensure they are taking all necessary steps to increase their resilience to cyber threats and secure their systems,” she added.
What they’re saying: “The Biden administration is taking further action to better secure our nation’s critical infrastructure,” DHS spokeswoman Sarah Peck told the Post in a statement.
-
CEO of Colonial Pipeline Joseph Blount said last week that the company paid a ransom payment of $4.4 million to the cybercrime group responsible for the attack.
-
The federal government has recommended that companies do not pay criminals during ransomware attempts over fears it would only encourage more groups to conduct future attacks.
