In the wake of the terrible ransomware attack that targeted one of the most important fuel pipelines of the US, the Department of Homeland Security (DHS) has mandated additional cyber security measures.
This is the second security directive issued by the DHS for the protection of critical pipelines that carry natural gas and hazardous liquids. The first pipeline directive was issued by the DHS in the month of May 2021.
Ransomware Attack on Colonial Pipeline
The process of issuing pipeline directives by the DHS started after the ransomware attack on Colonial Pipeline forced its shutdown and disrupted its operations for many days. The cyber attack affected 5500 miles of this pipeline which carries around 45% of US’ East Coast’s fuel supplies. The attack was attributed to the DarkSide ransomware gang.
The attack resulted in price spikes and panic fuel purchases in some parts of the US. This attack forced authorities to think about how to stop ransomware attacks and other cyber incidents.
The DHS directives may serve as solutions against ransomware and other cyber threats looming in the landscape.
The DHS directive requires the implementation of certain urgent protections against cyber threats by pipeline handler companies. This includes implementing a cyber security contingency and recovery plan and conducting a cyber security architecture design review.
An article published by CNN quoted Homeland Security Secretary Alejandro Mayorkas, “Through this Security Directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security.”
The first pipeline directive issued by the DHS required reporting of cyber security incidents to the department within the first 12 hours of its occurrence. Along with this, it required these pipeline handler companies to appoint a cyber security coordinator who can respond to a cyber incident and work in coordination with the DHS.
These DHS directives show that the attack on the pipeline has really woken up the US authorities to the challenge posed by cyber attackers on their critical infrastructure.
Get your hands on the latest DMARC report!
Check out the latest trends in Email Security