WASHINGTON: The US government is preparing to issue its first cybersecurity regulations for pipelines after the Colonial Pipeline hack that disrupted fuel supplies in the southeastern United States, the Washington Post reported on Tuesday (May 25).
The Transportation Security Administration, a unit of the Department of Homeland Security, would require pipeline companies to report cyber incidents to federal authorities, senior DHS officials told the newspaper. It planned to issue a security directive this week.
The Department of Homeland Security did not immediately return messages seeking comment.
After a ransomware attack forced Colonial to shut its entire network, thousands of gas stations across the US Southeast ran out of fuel. Motorists fearing prolonged shortages raced to fill up their cars.
The closure of the 5,500-mile (8,900-km) system was the most disruptive cyberattack on record, preventing millions of barrels of gasoline, diesel and jet fuel from flowing to the East Coast from the Gulf Coast.
The new regulations will make it mandatory for pipeline operators to report cyber incidents to the government and establishes a baseline for cybersecurity practices and staffing, according the Post story.
The new regulations were discussed after DHS Secretary Alejandro Mayorkas and other top officials considered how they could use existing TSA powers to bring change to the industry, The Post said, citing officials.
Representative Bennie Thompson, chair of the Homeland Security Committee in the House of Representatives, called the move "a major step in the right direction towards ensuring that pipeline operators are taking cybersecurity seriously and reporting any incidents immediately."