US pipeline operators ordered to toughen up cyber security

They include:

• protecting against ransomware attacks and other known threats to operational and information technology systems;
• developing and implementing a cyber security contingency and recovery plan; and
• conducting a cyber security architecture design review.

The DHS describes the measures as urgently needed.

During development of the directive, the department’s Cybersecurity and Infrastructure Security Agency (Cisa) advised on cyber security threats to the pipeline industry and technical countermeasures to prevent them.  

The Colonial pipeline serving most of the eastern US with fuel and heating oil was shut down for a few days in May after what was viewed as the worst-ever cyber-attack on the country’s infrastructure.

“The lives and livelihoods of the American people depend on our collective ability to protect our nation’s critical infrastructure from evolving threats,” said secretary of Homeland Security Alejandro Mayorkas.

“Through this security directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security.

“Public-private partnerships are critical to the security of every community across our country and DHS will continue working closely with our private sector partners to support their operations and increase their cyber security resilience.”

The first security directive issued by the department’s Transportation Security Administration in May, following the Colonial attack, requires critical pipeline owners and operators to:

• report confirmed and potential cybersecurity incidents to Cisa; 
• designate a cybersecurity coordinator to be available 24 hours a day, seven days a week;
• review current practices;
• and identify any gaps and related remediation measures to address cyber-related risks.