• Natural Gas News

    US lawmakers take early step on energy cybersecurity

Summary

Lawmakers said the bill would address cyberthreats such as the ransomware attack on the Colonial fuels pipeline.

by: Daniel Graeber

Posted in:

Natural Gas & LNG News, Americas, Political, Regulation, Infrastructure, Pipelines, News By Country, United States

US lawmakers take early step on energy cybersecurity

US lawmakers praised the June 22 passage in the lower chamber of a bill meant to address cybersecurity threats to the national energy sector.

By a roll call vote, members of the House of Representatives passed resolution 1374, the Enhancing State Energy Security Planning and Emergency Act of 2021, with 398 in favour out of the 435 voting members.

Frank Pallone, a Democratic member of the House representing New Jersey and chairman of the House Energy and Commerce Committee, joined Bobby Rush, a Democrat from Illinois, in praising the preliminary step for the bill.

“Recent cyber threats, including the Colonial pipeline cyberattack, have served as sharp reminders of the urgent need to modernise and protect our nation’s infrastructure from bad actors,” they said.

A ransomware attack on May 7 disrupted operations on the 8,850-km Colonial fuels pipeline that meets about half of the demand for refined products on the eastern seaboard. The operating company brought the network back on line after paying a hefty ransom.

A Russian-language group dubbed DarkSide took credit for the ransomware attack, prompting the federal government to form an emergency inter-agency task force to examine the issue.

The language of the bill outlines mitigation and risk assessments meant to ensure national infrastructure is safe. The federal government would also offer financial assistance to address state-level issues at the request of a state governor.

Last month, the chairman of the US Federal Energy Regulatory Commission (FERC) said May 20 that standards over national pipeline security were notably absent.

Richard Glick, the chairman of the commission, said mandatory cybersecurity protocols are in place for the US power grid, but not for pipelines. Instead, that authority rests with the US Transportation Security Administration, which only has voluntary guidance available on cybersecurity.

“We need mandatory pipeline security standards similar to those applicable to the electricity sector,” Glick said.