Security Experts:

Lawmakers Reintroduce 'Pipeline Security Act' Following Colonial Hack

More than a dozen U.S. lawmakers led by Rep. Emanuel Cleaver (D-MO) have reintroduced the Pipeline Security Act, whose goal is to aid the DHS’s efforts to protect pipeline infrastructure against cyberattacks, terrorist attacks and other threats.

The Pipeline Security Act was first introduced in 2019, but it did not receive a vote. Now, following the recent ransomware attack on Colonial Pipeline, which had a significant impact, the bill was reintroduced.

The bipartisan pipeline security legislation would ensure that the roles of the Transportation Security Administration (TSA), which has been the primary agency responsible for securing pipelines, and the Cybersecurity and Infrastructure Security Agency (CISA) are clarified and they are fully empowered for securing pipelines and pipeline facilities.

The bill also directs the TSA to update security guidance, conduct risk assessments and inspect pipelines, and requires the agency to create a pipeline security personnel strategy. It also enhances pipeline security oversight by requiring the TSA to submit annual reports to Congress and consult with pipeline stakeholders on security-related matters.

A markup session on the Pipeline Security Act was held by the House Committee on Homeland Security on Tuesday.

“The recent ransomware attack against Colonial Pipeline Company further highlights the threats facing our nation’s critical infrastructure and the potential cascading impacts cyber attacks can have on our economy. With the attacks of this nature on the rise, it’s more important than ever to strengthen our cyber resilience,” said John Katko (R-NY), ranking member in the Committee on Homeland Security and one of the co-sponsors of the bill.

“Right now, we need to focus on building existing capabilities and resources while ensuring federal roles and responsibilities are clear. DHS and DOT are co-Sector Risk Management Agencies (SRMAs) for transportation systems, including pipelines, and should continue to run point, with TSA, CISA, and the U.S. Coast Guard continuing to play important roles. I’ll continue working in a bipartisan manner to make sure our country is better prepared to mitigate future attacks on our critical infrastructure,” Katko added.

Colonial Pipeline, the largest refined products pipeline in the United States, was forced to shut down operations as a result of the ransomware attack. The incident had significant implications, including temporary gas shortages, gas prices rising, and states declaring a state of emergency.

The attack leveraged a piece of ransomware named DarkSide, which has been linked to Russian cybercriminals. The attackers encrypted files on compromised systems and also stole data that they threatened to leak unless a ransom was paid.

According to some reports, Colonial paid a $5 million ransom to the hackers. The company is said to have recovered encrypted files from backups — the decryption tool provided by the cybercriminals was too slow — but paid the ransom to retrieve the stolen information.

Related: Tech Audit of Colonial Pipeline Found ‘Glaring’ Problems

Related: Industry Reactions to Ransomware Attack on Colonial Pipeline

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.