Jul 20, 2021 - Politics & Policy

DHS announces new cybersecurity regulations for pipelines

Colonial Pipeline fuel tanks in Woodbine, Maryland, in May 2021.

Colonial Pipeline fuel tanks in Woodbine, Maryland, in May 2021. Photo: Drew Angerer/Getty Images

The Department of Homeland Security on Tuesday announced new security regulations for pipeline operators in an effort to bolster their defenses against cyberattacks.

Why it matters: The latest order comes in response to the ransomware operation against Colonial Pipeline in May, which crippled the United States' fuel supply and set off gas shortages across several states.

What they're saying: "The lives and livelihoods of the American people depend on our collective ability to protect our Nation’s critical infrastructure from evolving threats," DHS Secretary Alejandro Mayorkas said.

  • "Through this Security Directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security."

The big picture: DHS ordered pipeline operators to "implement specific mitigation measures" to protect against cyberattacks and develop contingency and recovery plans to use if they are targeted and breached.

  • Shortly after Colonial Pipeline was breached, DHS ordered pipeline operators in an initial directive to immediately report to the Transportation Security Administration and the Cybersecurity and Infrastructure Security Agency if they are targeted by a cyberattack and to hire a cyber official.

Go deeper: State Department offers $10 million in rewards for cyber crime information

Go deeper