Colonial Pipeline Ransomware Attack: US to Require Energy Pipelines Report Hacks or Face Fines

Google and Facebook were also fined over a failure to delete content that Moscow deems illegal.

Colonial Pipeline Ransomware Attack: US to Require Energy Pipelines Report Hacks or Face Fines

Colonial incident has bumped cybersecurity of critical infrastructure to the top of the national agenda

Highlights
  • Closure of the pipeline was the most disruptive cyberattack on record
  • The directive was first reported by The Washington Post earlier this week
  • The hackers had held Colonial Pipeline's computer network hostage

Energy pipeline companies will have to report cybersecurity incidents to the US government under a new directive that will be announced by the Transportation Security Administration (TSA) on Thursday, senior government officials said.

The officials, who asked to remain unidentified, said the directive will impose fines on pipeline companies that fail to report incidents within 12 hours and mandate that the pipeline companies designated a cybersecurity coordinator to report incidents and coordinate with the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA).

"This is the first time there's mandatory reporting of cybersecurity incidents," said one of the four senior officials that spoke to journalists ahead of the directive's unveiling.

The new directive comes after hackers earlier this month carried out a ransomware attack on the Colonial Pipeline, the United States' biggest fuel pipeline system, that caused supply disruptions, price spikes and panic buying across the East Coast earlier this month.

The directive was first reported by The Washington Post earlier this week.

The hackers, alleged to be operating out of Russia, held Colonial Pipeline's computer network hostage and successfully extorted millions of dollars in digital currency. The incident has bumped the cybersecurity of critical infrastructure to the top of the national agenda.

The US government has traditionally relied on private industry to flag hacks to officials, but is shifting toward mandatory reporting amid a number of major intrusions.

Similar mandates might appear in other industries. Speaking Wednesday, the officials said the new pipeline mandate is being eyed as a potential model for other sectors as well.

© Thomson Reuters 2021
 


It's Google I/O time this week on Orbital, the Gadgets 360 podcast, as we discuss Android 12, Wear OS, and more. Later (starting at 27:29), we jump over to Army of the Dead, Zack Snyder's Netflix zombie heist movie. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Twitter Fined RUB 7 Million by Russian Court Over Failure to Delete Content
Netflix’s The Sandman Adds Stephen Fry, David Thewlis, Patton Oswalt Among 12 New Cast

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com