Upcoming DHS Regulation to Require Pipeline Companies to Report Cyber Incidents
The Department of Homeland Security plans to issue regulations for pipeline security in the wake of the Darkside ransomware attack directed at Colonial Pipeline.
A report from the Washington Post suggests that the security directives could be launched within the week, requiring pipeline companies to report cyber incidents to federal authorities.
A DHS spokesperson said the Transportation Security Administration and the Cybersecurity and Infrastructure Security Agency are coordinating with companies to improve cyber resilience across the pipeline sector, FCW reported Tuesday.
The emphasis on mandating cyber incident reporting comes amid concerns among federal executives about private companies’ hesitance to engage with federal agencies in matters related to cybersecurity, particularly ransomware attacks.
CISA’s Eric Goldstein said during a recent U.S. Chamber of Commerce virtual panel that ransomware victims’ refusal to work with federal agencies for remediation makes it difficult to understand the scope of the problem.
Brandon Wales, acting director of CISA, also testified at a recent hearing that Colonial Pipeline probably would not have contacted his agency directly without the intervention of the FBI.
Investigations on the Colonial Pipeline ransomware attack were carried out by CISA with the help of FireEye, a cybersecurity consulting company headquartered in Milpitas, California.
The oil pipeline operator was able to resume operations after a shutdown that lasted more than a week, affecting its customers in Texas, New Jersey, Louisiana, Mississippi, Alabama, Georgia, South Carolina, Tennessee, Virginia and Pennsylvania.
Colonial Pipeline CEO Joseph Blount, who is set to testify to lawmakers in June, confirmed that a $4.4 million ransom was paid to Russian group Darkside.
Category: Federal Civilian
Tags: Brandon Wales CISA Colonial Pipeline Darkside Department of Homeland Security DHS FCW federal civilian pipeline security ransomware attack security regulations TSA