TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware

Written by

The Transportation Security Administration on Tuesday handed down additional cybersecurity requirements for owners of major pipelines, this time focused on ransomware.

It’s the second time the Department of Homeland Security’s TSA has issued a security directive to critical pipeline owners since ransomware attackers struck Colonial Pipeline in May, an incident that spurred panic-buying amid fears of a gas shortage. The specific requirements of the directive were not immediately clear.

“This Security Directive requires owners and operators of TSA-designated critical pipelines to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review,” a DHS statement reads.

The same month of the Colonial Pipeline attack, TSA threatened to fine certain pipeline owners — an estimated 100 companies — if they failed to meet cybersecurity guidelines. TSA mandated that those owners report cybersecurity incidents, among other requirements.

“The lives and livelihoods of the American people depend on our collective ability to protect our Nation’s critical infrastructure from evolving threats,” DHS Secretary Alejandro Mayorkas said Tuesday.  “Through this Security Directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security.”

DHS hinted in its announcement of the original directive that more could be on the way. The Washington Post first reported the arrival of additional TSA requirements.

The second TSA directive comes as Biden administration figures and members of Congress alike have signaled a growing interest in broader cybersecurity regulation.

The House Homeland Security Committee approved a bill in May that would establish a pipeline security division within TSA. Lawmakers also have been mulling legislation that would require cybersecurity incident reporting from critical infrastructure owners and others.

The TSA directive also comes amid an expanding Biden administration battle against ransomware. This week the administration took action against China over ransomware and last week the White House announced a series of steps stemming from an interagency ransomware task force.

Updated, 6/20/21: To clarify references to Biden administration actions on ransomware.