US steps up cybersecurity requirements after pipeline hack

Agence France-Presse

Posted at May 28 2021 08:40 AM

US steps up cybersecurity requirements after pipeline hack 1
A person fills their car with gas as people queue at a Shell gas station, after a cyberattack crippled the biggest fuel pipeline in the country, run by Colonial Pipeline, in Washington, D.C., US, May 15, 2021. Andrew Kelly, Reuters/File Photo

WASHINGTON - The US government on Thursday imposed cybersecurity requirements on petroleum pipelines for the first time, following a ransomware attack that temporarily shut down a key oil conduit this month.

The new rules imposed by the Department of Homeland Security require pipeline operators to designate a cybersecurity coordinator who must be available at all times, and report confirmed incidences to the agency's Cybersecurity and Infrastructure Security Agency.

Pipeline owners will also be required to review their procedures and identify cybersecurity gaps and ways to fix them, with the results reported to the department within 30 days.

"The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats," Homeland Security Secretary Alejandro Mayorkas said in a statement. 

"The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security."

The online vulnerabilities of US pipelines came into focus after a May 7 cyberattack on Colonial Pipeline, which transports about 45 percent of the fuel consumed on the east coast of the United States.

The pipeline's multi-day shutdown sparked panic buying in some eastern states, and ended when the company paid $4.4 million in ransom to the hackers.


Watch more on iWantTFC