July 19, 2021- 11:45 a.m.
The Department of Homeland Security on Tuesday required owners and operators of critical pipelines that transport hazardous liquids and natural gas to implement “urgently needed protections against cyber intrusions.”
The security directive requires TSA-designated critical pipelines to take certain mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review, DHS said.
It was the second security directive issued by the department’s Transportation Security Administration since May, after a hack of the Colonial Pipeline disrupted fuel supplies in the southeastern United States for days.
The department said the action was in response to “the ongoing cybersecurity threat to pipeline systems.”
The closure of the 5,500-mile (8,900-km) system was the most disruptive cyberattack on record, preventing millions of barrels of gasoline, diesel and jet fuel from flowing to the East Coast from the Gulf Coast.
A ransomware attack forced Colonial Pipeline, which runs from Texas to New Jersey, to shut much of its network for several days in May, leaving thousands of gas stations across the U.S. Southeast without fuel.
