Colonial Pipeline hack prompts DHS to issue new cybersecurity regulations

The agency's previous guidance for pipeline operators has been voluntary

Following the Colonial Pipeline hack, the Department of Homeland Security plans to roll out new cybersecurity regulations for pipeline companies this week. 

"The Biden administration is taking further action to better secure our nation’s critical infrastructure," a DHS spokesperson told FOX Business. "TSA, in close collaboration with CISA, is coordinating with companies in the pipeline sector to ensure they are taking all necessary steps to increase their resilience to cyber threats and secure their systems."

The agency noted it will release additional details in the days ahead.

GAS PRICES CLIMB AMID BIDEN'S PIPELINE CLOSURES

According to the Washington Post, the Transportation Security Administration will issue a security directive this week requiring pipeline companies to report cyberattack incidents to federal authorities at the TSA and CISA through a 24/7 direct line run by a new cyber official. 

In addition, the order will reportedly require pipeline companies to assess the security of their systems against pre-existing cybersecurity guidelines. 

The TSA currently lays out a series of recommendations for pipeline operators, including reviewing network connections periodically, monitoring physical and remote user access to critical pipeline cyber assets, and conducting role-based security training on how to recognize and report potential indicators of a compromised pipeline system.

FIRM TRACKED DARKSIDE GANG RANSOMWARE PAYMENTS AND THE MASSIVE SUMS PAID

The attack against the Colonial Pipeline, a 5,500-mile long system which transports more than 100 million gallons of gasoline, diesel, jet fuel and heating oil per day, or roughly 45% of fuel consumed across the East Coast, have prompted widespread panic buying by consumers leading to outages at over 1,000 gas stations. 

Gasbuddy, which operates apps and websites based on finding real-time fuel prices at more than 140,000 gas stations, reported Tuesday that fueling locations in Washington, D.C., Georgia, Alabama, Tennessee, the Carolinas, Florida, Virginia, Maryland, Mississippi, West Virginia, Kentucky, New Jersey, Delaware, Louisiana, and Texas are still reporting gasoline outages, though situations in the majority of those states continue to improve since the Colonial Pipeline restarted.

According to the American Automobile Association, the national average gas price sits at $3.03 per gallon as of Tuesday afternoon. 

CLICK HERE TO READ MORE ON FOX BUSINESS

Colonial Pipeline CEO Joseph Blount told The Wall Street Journal that he authorized a $4.4 million ransom payment to the hackers responsible, DarkSide, because the company's executives were unsure how badly the cyberattack had breached the pipeline's systems or how long it would take to bring it back online.

"I know that's a highly controversial decision," Blount told the outlet. "I didn't make it lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this."

Still, he argued that it was "the right thing to do for the country." 

Blount is set to testify before Congress next month as lawmakers seek additional details on the incident. 

DarkSide reaped at least $90 million from 47 victims before the company announced it would cease operations following the Colonial Pipeline attack.