Pipeline Attack Follow-up

The ransomware attack and subsequent shutdown of Colonial Pipeline captured the interest of the government and the general public a few weeks ago. Previously the government took a hands-off approach to pipeline security, leaving the risk assessment in the hands of the corporation. That changed Thursday when the TSA released new cybersecurity regulations for the pipeline sector.

The new regulations require critical pipeline owners and operators to report confirmed and potential attacks, as well as keep a 24-hour cyber security coordinator on staff.

“The cybersecurity landscape is constantly evolving, and we must adapt to address new and emerging threats,” Secretary of Homeland Security, Alejandro Mayorkas said Thursday in a statement. “The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security.”

The security directive will also require pipeline companies to review current security practices and identify any gaps. Companies have to report the results to the US Cybersecurity and Infrastructure Security Agency (CISA) within 30 days.

The Colonial Pipeline shutdown highlighted the vulnerability of critical infrastructure, and their reliance on IT services. Colonial Pipeline points out the hackers were not able to get into the technology that actually operates the pipeline, but the intended result of a shutdown and public panic occurred, nonetheless. We have seen cyberattacks on hospitals, police departments, city governments, and schools, but this was the first event that crossed over to the general consciousness. The SolarWinds breach a couple months ago piqued the attention of business owners, and made some start thinking differently about the scope of a cyber event. This ransomware attack had a similar effect on the public. Images of lines at gas stations and citizens filling up any container available with fuel changed the narrative on cyber security.

The attack also emphasized the discussion of cyber insurers response to ransomware. Following the peak of ransomware payouts in Q3 of 2020, some insurers dropped ransomware coverage from their policies A report from the Government Accountability Office said, in part, “insurer appetite and capacity for underwriting cyber risk has contracted more recently, especially in certain high-risk industry sectors.”

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright