The Colonial hack has placed a worrying spotlight on system vulnerabilities.
The Transportation Security Administration has issued a new directive toward all fuel pipeline managers in the United States to improve their cybersecurity measures. In the wake of the Colonial pipeline hack, which disrupted the flow of fuel to multiple states, the TSA has been forced to reexamine their cyber security policies in the interest that a disruption of this magnitude (or worse) never happens again.
“The evolution of ransomware attacks in the last 12-18 months has gotten to a point that it poses a national security risk and that we are concerned about the impact on national critical functions,” a TSA official told the Huffington Post.
The TSA will begin conducting cybersecurity assessments of the nation’s pipelines to determine if any other vulnerabilities, whether minor or severe, are present in their systems. If any concerns are noted, pipeline operators will be required to remedy them immediately. Additionally, pipeline operators will also be required to hire on cybersecurity coordinators to work with authorities in case of a hack, and any hacking incidents must be reported to the TSA under threat of fines.
“The Colonial Pipeline breach, in particular, was a wake-up call to many Americans about how malicious cyber actors, often backed by foreign states, can disrupt the U.S. economy and all of our lives,” said California Representative Lucille Roybal-Allard.
The Colonial Pipeline, during the ransomware attack, was forced to pay $4.4 million in cryptocurrency to the hacking group DarkSide, which is believed to be based in Russia. Concerns that a malicious foreign power could so heavily impact American fuel infrastructure has prompted an immediate rush order on cybersecurity improvements.