After Colonial Pipeline Hack, U.S. to Require Operators to Report Cyberattacks - WSJ

After Colonial Pipeline Hack, U.S. to Require Operators to Report Cyberattacks
The action, expected this week, also will require companies to designate cybersecurity point person

How Vulnerable Is U.S. Energy Infrastructure to Future Cyberattacks?
A cyberattack on the U.S.’s largest fuel pipeline on May 7 forced a shutdown that triggered a spike in gas prices and shortages in parts of the Southeast. WSJ explains just how vulnerable the nation’s critical energy infrastructure is to attack. Photo illustration: Liz Ornitz/WSJ
By Rebecca Smith
Updated May 25, 2021 1:06 pm ET
PRINT
TEXT
The Transportation Security Administration intends to release the first of at least two security directives that would require pipeline operators to notify it when they are targets or victims of cyberattacks, according to senior officials at the Department of Homeland Security.

The action, expected this week, also will require each company to designate a point person for cybersecurity.

The order “should be understood as step one” in a detailed program by the Biden administration to boost the security of more than 2.5 million miles of U.S. pipelines, said one of the DHS officials. “Step two will be a more muscular mandate,” in coming weeks, that will require pipeline owners to take concrete steps to secure their assets against attacks, the official said.

The action by TSA, which is part of DHS, provides the first solid evidence that the Biden administration intends to insert itself into pipeline security more directly than the Trump, Obama and Bush administrations, which deferred to the pipeline industry’s desire to avoid regulations for physical- and cybersecurity.

The springboard for TSA’s more assertive stance is the ransomware attack earlier this month on Colonial Pipeline Co., and a sharp increase in attacks against the critical assets on which the nation relies for fuel, electricity, water and other services.