Op Dinsdag, CNN reported plans to require pipeline companies to report cyberattacks to the federal government
, a shift from the current system of voluntary reporting
, according to a source familiar with the plans
TSA is responsible for transportation security
, including hazardous material and pipeline security
, en het riglyne in place for the industry
. Egter, this will be the first time that the critical pipeline sector has been mandated to report cybersecurity incidents
The directive will apply to around 100 companies considered to have the most critical pipelines in the United States, a DHS official said. The companies are aware of their critical status and are familiar with the existing pipeline security guidelines, volgens die amptenaar.
In response to the cyberattack
, Colonial Pipeline halted operations
, leading to a run on gasoline and panic buying
. After the incident
, Biden administration officials privately voiced frustration with what they saw as Colonial Pipeline’s weak security protocols and a lack of preparation
, CNN het vroeër berig
The incident highlighted that ransomware, which is primarily a criminal, profit-driven enterprise, “can rise to the level of posing a national security risk and disrupt national critical functions,” a DHS official said.
The total paid by ransomware victims increased by more than
300% in 2020, reaching nearly
$ 350 miljoen, volgens a report from the Ransomware Task Force
, which is made up of experts from the industry
, government agencies and academic institutions
There are financial penalties associated with failure to comply with security directives, a DHS official said, which can be imposed on a daily basis, so “they can ramp up pretty significantly over time.”
The fine range starts around $ 7,000 and depends on the specific violation, het die amptenaar bygevoeg.
In response to the ransomware attack
, a Colonial spokesperson previously said the company
“proactively took certain systems offline to contain the threat
,” which temporarily halted all pipeline operations that affected some of the IT systems
According to a DHS official, the Colonial incident showed that even when only the IT system is impacted, and not the operational technology systems, it can “lead to significant disruption.”
Verlede week, Colonial Pipeline CEO Joseph Blount admitted he had authorized a ransom payment
van $ 4.4 million in response to the cyberattack on the company’s network
, noem dit “a highly controversial decision
” in an interview with the Wall Street Journal
While recognizing the “difficult choice” for companies, the US government strongly discourages paying ransom, because there is no assurance of getting your decrypted data back and paying ransom further fuels the epidemic of criminal activity, a DHS official said about ransomware attacks in general during the news briefing.
The industry “was bracing for a more burdensome set of cyber standards,” former DHS Assistant Secretary for Infrastructure Protection Brian Harrell told CNN.
“I applaud TSA for seeking the cyber subject matter expertise at CISA. Dit, combined with the surface infrastructure knowledge of TSA, could lead to a successful compliance regime. I believe everyone is still interested in understanding what pipelines are in scope, and if TSA has the proper risk analysis in place. Regardless, Congress needs to fund this effort and TSA needs to hire additional staff — like yesterday,” hy het gesê.
The Cybersecurity and Infrastructure Security Agency doesn’t plan to release compliance information on specific pipelines, because of potential security risks, but the new requirements will allow the agency to produce better aggregate analysis of vulnerability and risk in the pipeline sector, according to DHS officials.
One official emphasized that the security directive is the first step, to be “followed by more,” but did not provide specific details about future plans. Another official said the department is thinking through how this security directive might serve as a model for the agencies involved and a potential future regulatory approach, adding that they want to avoid a “check-the-box kind of compliance regime.”
TSA is currently staffed at a level in the pipeline security sections to be able to respond to the issues that will be covered by this security directive and the future actions that TSA will be taking, another DHS official said.
But the official said the agency is continuing to expand its cybersecurity group within the pipeline team, to be able to carry out additional cybersecurity assessments on pipeline facilities.
TSA has committed to conducting 52 cybersecurity assessments, called a “validated architecture design review,” in partnership with the Cybersecurity and Infrastructure Security Agency, hierdie boekjaar.