U.S. to require energy pipelines report computer hacks or face fines

imageCommodities33 minutes ago (May 27, 2021 06:17AM ET)

(C) Reuters. FILE PHOTO: Holding tanks are seen in an aerial photograph at Colonial Pipeline’s Dorsey Junction Station in Woodbine, Maryland, U.S. May 10, 2021. REUTERS/Drone Base/File Photo

By Raphael Satter

WASHINGTON (Reuters) – Energy pipeline companies will have to report cybersecurity incidents to the U.S. government under a new directive that will be announced by the Transportation Security Administration (TSA) on Thursday, senior government officials said.

The officials, who asked to remain unidentified, said the directive will impose fines on pipeline companies that fail to report incidents within 12 hours and mandate that the pipeline companies designated a cybersecurity coordinator to report incidents and coordinate with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

“This is the first time there’s mandatory reporting of cybersecurity incidents,” said one of the four senior officials that spoke to journalists ahead of the directive’s unveiling.

The new directive comes after hackers earlier this month carried out a ransomware attack on the Colonial Pipeline Co, the United States’ biggest fuel pipeline system, that caused supply disruptions, price spikes and panic buying across the East Coast earlier this month.

The directive was first reported by The Washington Post earlier this week.

The hackers, alleged to be operating out of Russia, held Colonial Pipeline’s computer network hostage and successfully extorted millions of dollars in digital currency. The incident has bumped the cybersecurity of critical infrastructure to the top of the national agenda.

The U.S. government has traditionally relied on private industry to flag hacks to officials, but is shifting toward mandatory reporting amid a number of major intrusions.

Similar mandates might appear in other industries. Speaking Wednesday, the officials said the new pipeline mandate is being eyed as a potential model for other sectors as well.

U.S. to require energy pipelines report computer hacks or face fines

Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.