IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

US has new cyber security rules for pipelines

DHS now requires “urgently needed protections against cyber intrusions”

The federal government has launched new regulations requiring owners of critical pipelines that transport hazardous liquids and natural gas to implement “urgently needed protections against cyber intrusions.”

This was the second time since May that the Department of Homeland Security (DHS) issued a cyber security directive aimed at US pipeline operators. It comes in the wake of the Colonial Pipeline hack that disrupted fuel supplies across the southeastern US for days.

DHS said Tuesday’s move was in response to “the ongoing cybersecurity threat to pipeline systems,” Reuters reported.

“The lives and livelihoods of the American people depend on our collective ability to protect our nation’s critical infrastructure from evolving threats,” DHS Secretary Alejandro Mayorkas said.

The security directive requires critical pipelines to take defensive measures to protect themselves from ransomware attacks and other known threats to IT systems. Pipeline owners must also have a cyber security contingency and recovery plan in place.

In an earlier security directive in late May, immediately following the Colonial Pipeline cyber attack, the DHS began requiring US pipeline operators to conduct a cyber security assessment. Until then, American pipeline companies operated under purely voluntary cyber security guidelines.

Related Resource

Aberdeen Report: How a platform approach to security monitoring initiatives adds value

Integration, orchestration, analytics, automation, and the need for speed

White text against a pink-red background - whitepaper from IBMFree download

That late-May directive required pipeline owners and operators to report any cyber incidents to the federal government. They also needed a designated cyber security coordinator available 24/7 to work with authorities in an attack.

When DarkSide hackers attacked Colonial Pipeline, they forced it to shut down 5,500 miles of pipeline between Texas and New York for several days, disrupting the fuel supply to large swaths of the East Coast. The hackers also took 100GB of data from the network before locking computers and extorting the company for a ransom payment. 

Colonial’s CEO has confirmed the pipeline company paid $4.4 million to cyber criminals who hit it with the ransomware attack.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
NOAA unveils two new supercomputers in effort to better predict extreme weather
high-performance computing (HPC)

NOAA unveils two new supercomputers in effort to better predict extreme weather

29 Jun 2022
Google aims to court US public sector with new division
public sector

Google aims to court US public sector with new division

29 Jun 2022
Carnival hit with $5 million fine over cyber security violations
cyber security

Carnival hit with $5 million fine over cyber security violations

27 Jun 2022

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Internet providers look to ease cost of living crisis with cheaper broadband
broadband

Internet providers look to ease cost of living crisis with cheaper broadband

29 Jun 2022