TSA tightens cyber rules for pipelines
- By Adam Mazmanian
- Jul 21, 2021
A new directive issued by the Transportation Security Administration requires fuel pipeline operators to institute mitigation and recovery measures to protect against ransomware attacks and other known cybersecurity threats.
This is the second directive issued by TSA in the wake of the ransomware attack on Colonial Pipeline's business IT systems in May, which led to the suspension of pipeline operations for about a week.
On May 27, TSA issued its first directive, instituting mandatory reporting for "confirmed and potential" cybersecurity incidents at pipeline operators. This latest directive requires operators of pipelines designated by TSA as critical to review their current "cybersecurity architecture design," implement mitigation measures against known threats to IT and operational technology systems and establish plans to recover from a cyberattack, TSA officials said in their announcement.
The details of the directive contain sensitive information and will not be released to the public, TSA officials said in June.
The stakes are high. While the Colonial ransomware attack turned out to be the work of a criminal hacker group, the FBI and the Cybersecurity and Infrastructure Security Agency released new details on July 20 of a spearphishing campaign conducted between 2011 and 2013 that targeted oil and natural gas pipeline companies, attributing the attack to a group linked to the Chinese military. News reports at the time indicated that federal officials regarded China as the culprit in these intrusions.
The report states that "China was successful in accessing the supervisory control and data acquisition (SCADA) networks at several U.S. natural gas pipeline companies," and that the campaign was "likely intended to gain strategic access to the ICS networks for future operations rather than for intellectual property theft."
A longer version of this article was first posted to FCW, a sibling site to GCN.
Adam Mazmanian is executive editor of FCW.
Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.
Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.