Chicago Tribune

New cyber rules issued to pipeline operators

- By Nomaan Merchant

WASHINGTON — The Department of Homeland Security on Tuesday announced new requiremen­ts for U.S. pipeline operators to bolster cybersecur­ity following a May ransomware attack that disrupted gas delivery across the East Coast.

In a statement, DHS said it would require operators of federally designated critical pipelines to implement “specific mitigation measures” to prevent ransomware attacks and other cyber intrusions. Operators must also implement contingenc­y plans and conduct what the department calls a “cybersecur­ity architectu­re design review.”

It’s the latest response by the Biden administra­tion to a series of ransomware attacks and intrusions hitting crucial U.S. infrastruc­ture and raising fears about American cybersecur­ity.

DHS did not release further details about the guidance, which comes after another directive issued weeks after the May 7 attack on Georgia-based Colonial Pipeline.

U.S. agencies on Tuesday also disclosed that Chinese government-linked intruders targeted 23 natural gas pipeline operators from 2011 to 2013. Thirteen of those attacks were confirmed intrusions, according to a government advisory.

The Colonial attack led to the shutdown of a system delivering 45% of the gasoline consumed along the East Coast and sparked long lines and gas shortages in several states.

Colonial paid an estimated $4.4 million ransom, most of which was recovered by the Justice Department. The FBI has blamed the attack on a Russia-based gang of hackers using the DarkSide ransomware variant.

The Biden administra­tion has repeatedly accused Russia of granting safe haven to criminal gangs.

Newspapers in English

Newspapers from United States