Washington (CNN)The Department of Homeland Security plans to issue a “security directive” in the coming days that would require pipeline companies to report cyberattacks to the federal government, a shift from the current system of voluntary reporting, according to a source familiar with the plans.
The plan to further regulate the pipeline industry comes about two weeks after Colonial Pipeline was hit with a paralyzing ransomware attack that led the company to halt operations at one of America’s most important pipelines, causing gas shortages in the Southeast.
“The Biden administration is taking further action to better secure our nation’s critical infrastructure. TSA, in close collaboration with (Cybersecurity and Infrastructure Security Agency), is coordinating with companies in the pipeline sector to ensure they are taking all necessary steps to increase their resilience to cyber threats and secure their systems. We will release additional details in the days ahead,” DHS spokeswoman Sarah Peck said.
The directive will be issued by the Transportation Security Administration, which is the lead federal agency for transportation security, including hazardous material and pipeline security.
It is still in the works and not finalized, the source said, adding that this would be the first step as the department continues to work on a more muscular proposal to enhance pipeline security.
The proposal was first reported by The Washington Post.
Currently, pipeline operators adhere to TSA security guidelines and report cybersecurity incidents on a voluntary basis.
Earlier Tuesday, Homeland Security Secretary Alejandro Mayorkas told reporters that “ransomware is one of the greatest cybersecurity threats that we face in the United States,” speaking at a TSA event about summer travel.
The department is “working very closely in a public-private partnership” to inform the business and cybersecurity community about how to prevent and respond to these attacks, he said.
The draft directive will require companies to report cyber incidents to the Cybersecurity and Infrastructure Security Agency, a division of DHS, another source familiar told CNN.
This is the first time TSA has required that these companies report cyber incidents, the source said, which the Biden administration considers a “first step” that can be taken quickly with various other robust requirements and ideas still in discussion.
Security directives are issued when there are pressing circumstances, as was done in the case of face masks, a DHS official said.
The use of a directive would allow the department to take these steps temporarily without needing new federal regulation or legislation. But those steps could be taken at a later date.
Meanwhile, Colonial Pipeline is still trying to narrow in on how its network was breached following the ransomware attack that resulted in closing down the critical pipeline, CNN previously reported.
The incident prompted a massive federal response to chase the perpetrators and prevent more breaches. In the wake
Go To The SourceRead More