Colonial Pipeline ransomware attack prompts first cybersecurity mandates for nation's pipelines
The Biden administration will mandate cybersecurity regulations for the nation's leading pipeline companies, officials announced Wednesday, following a massive computer hack that prompted a pipeline transporting nearly half of the East Coast's fuel supply to shutter for 11 days. Previously, voluntary guidelines were given to industry leaders.
The new security directive issued by the Department of Homeland Security (DHS) will require pipeline companies to report cyber incidents to federal authorities, senior DHS officials said, and comes in the wake of a series of ransomware attacks highlighting cyber vulnerabilities to critical infrastructure. Earlier this month, a ransomware attack targeting Colonial Pipeline caused gasoline shortages and panic buying in more than a dozen states and the nation's capital. The shutdown threatened to disrupt airplane travel and mass transit and resulted in a $4.4 million ransom payment to foreign hackers, according to the pipeline's CEO.
Senior DHS officials told reporters this week that "the Colonial Pipeline incident and the broader range of ransomware attacks in the past several months have created a public consciousness of cybersecurity threats that arguably we haven't seen in the past decade," transcending the routine labeling of cyber attacks as purely nation-state driven activity.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25336775/STK051_TIKTOKBAN_CVirginia_D.jpg)
