The Department of Homeland Security has ordered pipeline owners and operators to implement “urgently needed protections” against cyberattacks, in the second such directive since a crippling ransomware attack in May.

The Department of Homeland Security (DHS) issued its latest directive to pipeline owners and operators on Tuesday, more than two months after a ransomware attack shut down critical gasoline and diesel pipeline carrying half the fuel supply of the entire US East Coast.

The attack forced the line’s operator, Colonial Pipeline, to shut much of its network for several days until a ransom was paid to the cybercriminals responsible. The directive asks companies like Colonial Pipeline to “implement specific mitigation measures to protect against ransomware attacks,” to “develop and implement a cybersecurity contingency and recovery plan,” and to “conduct a cybersecurity architecture design review.”


The DHS did not provide more specific information in its announcement, but said the directive was issued in response to “the ongoing cybersecurity threat to pipeline systems.” A similar directive was given in May following the Colonial attack, which gave operators a month to investigate any security weaknesses and report them to the agency.

The scale or severity of this threat is unclear. While the FBI believes a gang of “Russia-based” hackers known as “DarkSide” was responsible for the Colonial attack, Washington’s attention has been focused more on Beijing in recent days. READ MORE