Companies that operate pipelines must alert the government whenever they suffer cyberattacks, the Transportation Security Administration ordered Thursday, in the Biden administration’s first effort to harden U.S. critical infrastructure after hackers disrupted the East Coast’s gasoline supply three weeks ago.
The cyberattack on Colonial, first disclosed May 7, prompted the Georgia-based company to shut down the 5,500-mile-long pipeline that supplies much of the East Coast’s gasoline, diesel and jet fuel, leading to hoarding and widespread fuel shortages. The new incident-reporting requirement is meant to ensure that the government’s cyber defenders understand the nature and scope of digital attacks as they work to prevent further intrusions. Although Colonial alerted the FBI after discovering that it had been hit by an extortion attack known as ransomware, it did not provide technical data to CISA until several days later. The company also did not inform CISA that it had paid a multimillion-dollar ransom to regain access to its data.
Through an existing partnership, CISA and TSA have conducted security reviews of 23 pipeline facilities since October 2020 and plan to conduct another 29 reviews in the next four months, according to the official.emphasized cooperation rather than regulation