To boost overall security operations after a serious cyberattack on the Colonial Pipeline, The U.S. Senate’s freight committee leaders are currently calling upon the Biden administration, private industry stakeholders, and congressional colleagues to take swift action.
Cyberattacks of this caliber are potentially able to shut down all infrastructure operations, and the threat of such an event is still a major risk for the country, explained Maria Cantwell, Senate Commerce Committee Chairwoman. With several states undergoing a large disruption in regards to their petroleum materials during May’s Colonial Pipeline cyberattack–an event which hurt the nation’s economy–cybersecurity clearly needs some major improvements.
The Colonial Pipeline had to pay around $4.4 million to be able to restart its systems after the cyberattack affected its 5,500 miles of pipe which transport around 100 million gallons of fuel every day. Additionally, federal agencies have been recently cyberattacked by SolarWinds Russian intelligence, and Microsoft Exchange users were recently targeted in the ‘Hafnium’ attack. Other municipal and state agencies have been victims of cyberattacks recently, as well.
“The rapid growth in the number and sophistication of cyberattacks is the alarm bell ringing about the need to immediately bolster the cybersecurity of our critical infrastructure,” said Chairwoman Cantwell in a recent Senate hearing.
Because the nation’s infrastructure is indeed at risk, the federal government needs to bring options quickly in regards to solving this massive issue, she added.
“The federal government should be part of the solution,” Cantwell continued. “We need to bring about critical infrastructure investments in technology that can help the electricity grid and companies secure their networks from these kinds of intrusions.”
Both Cantwell and Senator Roger Wicker noted that there is effective legislation in the works that could help improve overall protections of the pipeline. Wicker currently serves as the panel’s ranking member and explained that public-private collaborations meaning to bring boosted safety to infrastructure networks and pipeline operations, as well as interagency operability, could have major benefits for overall protection against cyberattacks and to the pipeline itself.
“As the federal government considers ways to improve the cybersecurity framework of the pipeline sector, it will be increasingly important for the public and private sectors to coordinate their efforts more closely,” Wicker said. “Coordination between government and industry is needed to improve information sharing about emerging cyber threats and best practices to address them. Industry [experts] should also build strong relationships with their regulators and law enforcement to increase that collaboration.”
In an effort to indeed prevent cyber attacks like that endured by the Colonial Pipeline, U.S. Department of Transportation Deputy Secretary, Polly Trottenberg, noted that the Department of Transportation is working with other agencies to find the best methods of doing so. In fact, the Pipeline and Hazardous Materials Safety Administration is working to bolster enforcement and inspections across its countrywide operations, especially to monitor pipeline control rooms, improve emergency response plans, and revise integrity management plan requirements within the agency.
“The Colonial Pipeline cybersecurity incident spotlighted the importance of trust and timely information sharing, as well as public and private sector partnership in transportation cybersecurity,” Trottenberg told senators. “It also underscored that we need to keep learning and adapting quickly to meet increasingly complex and sophisticated cybersecurity challenges.”
She noted that collaborative efforts are key in making these improvements become successful and long-lasting.
“DOT will continue to work across the federal government and with the private sector to advance the cybersecurity of the pipelines that fuel and sustain our nation,” she added.
President Biden has issued an executive order following the pipeline attack to bring about strengthened federal capabilities regarding cybersecurity; the order began these efforts by establishing a cybersecurity safety review board. Additionally, the Transportation Security Administration is working to further evaluate and integrate cybersecurity across the entire transportation sector and within other agencies aligned with the industry, according to the agency’s administrator, David Pekoske.
“The pipeline system is crucial to U.S. national security, transportation, and our energy supply,’ Pekoske said. “These pipelines provide connections to other critical infrastructure upon which we depend, such as power plants and the aviation gasoline fuel supply for airplanes.”