US steps up cyber-security requirements after pipeline hack

WASHINGTON (AFP) – The United States government on Thursday (May 27) imposed cyber-security requirements on petroleum pipelines for the first time, following a ransomware attack that temporarily shut down a key oil conduit this month.

The new rules imposed by the Department of Homeland Security require pipeline operators to designate a cyber-security coordinator who must be available at all times, and report confirmed incidences to the agency’s Cybersecurity and Infrastructure Security Agency.

Pipeline owners will also be required to review their procedures and identify cyber-security gaps and ways to fix them, with the results reported to the department within 30 days.

“The cyber-security landscape is constantly evolving and we must adapt to address new and emerging threats,” Homeland Security Secretary Alejandro Mayorkas said in a statement.

“The recent ransomware attack on a major petroleum pipeline demonstrates that the cyber security of pipeline systems is critical to our homeland security.”

The online vulnerabilities of US pipelines came into focus after a May 7 cyber attack on Colonial Pipeline, which transports about 45 percent of the fuel consumed on the east coast of the US.

The pipeline’s multi-day shutdown sparked panic buying in some eastern states, and ended when the company paid US$4.4 million (S$5.8 million) in ransom to the hackers.

More on this topic

Join ST’s Telegram channel here and get the latest breaking news delivered to you.

Source: Read Full Article