New cybersecurity order issued for US pipeline operators – KIRO 7 News Seattle

WASHINGTON – (AP) – The Department of Homeland Security on Tuesday announced new requirements for U.S. pipeline operators to bolster cybersecurity following a ransomware attack in May that disrupted gas supplies on the east coast.

In a statement, the DHS said it would require operators of government-designated critical pipelines to take “specific mitigation measures” to prevent ransomware attacks and other cyberattacks. Operators must also implement contingency plans and conduct what the department calls a “cybersecurity architecture design review”.

It is the Biden administration’s recent response to a string of ransomware attacks and intrusions that hit critical US infrastructures and raise concerns about US cybersecurity.

The DHS did not immediately release further details on the guidance, which was released after another guidance released weeks after the May 7 attack on the Georgia Colonial Pipeline. This attack resulted in the shutdown of a system that supplies about 45% of the gasoline consumed on the east coast, causing long lines and gas shortages in several states.

Colonial paid an estimated $ 4.4 million ransom, most of which was eventually confiscated by the Justice Department. The FBI blames a gang of hackers based in Russia that uses DarkSide, a variant of ransomware, for the attack.

The Biden government has repeatedly accused Russia of providing safe haven for criminal gangs and of attempting to steal government agencies and private organizations in various sectors. It sanctioned a number of activities, including hacking, in April.

Russia has broadly denied involvement in cyberattacks on US institutions, rejecting “baseless allegations” in a statement last month.

Copyright 2021 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed in any way without permission.