New cybersecurity order for US pipeline operators
The Department of Homeland Security declared new requirements for US pipeline operators to boost cybersecurity in the wake of a ransomware attack in May that disrupted gas delivery through the East Coast.
The Department of Homeland Security recommended "specific mitigation measures" to prevent ransomware attacks and other cyber intrusions. Operators should also implement contingency plans and conduct what the department calls a "cybersecurity architecture design review."
The latest response from the Biden administration to a series of ransomware attacks and hacks that have infected critical US infrastructure raised concerns about US cybersecurity.
DHS did not immediately release more details about the directive, which follows another direction issued weeks after the May 7 attack on the Colonial pipeline in Georgia.
According to a government advisory, US agencies also revealed that hackers linked to the Chinese government targeted 23 natural gas pipelines from 2011 to 2013. 13 of those attacks have been confirmed.
The colonial offensive shut down a system that supplied about 45% of the gasoline consumed along the East Coast and led to long queues and gas shortages in several states.
Colonel paid a ransom estimated at $4.4 million, most of which was recovered by the Department of Justice.
Biden administration has accused Russia of providing a haven to criminal gangs and stealing from government agencies and private organizations in various sectors. Sanctions were imposed in April on a range of activities, including piracy.
Russia has widely denied its cyberattacks on US institutions, denouncing "baseless accusations" in a statement released last month.
This week, the United States and its key allies accused China of a massive hack of Microsoft Exchange email server software that infected thousands of organizations. However, this announcement was not accompanied by sanctions against China, which accused the United States of launching "baseless attacks" against it in connection with cybersecurity.
Post a Comment