Cyber attacks pose significant risks to the general public, according to a DHS advisor's warning.
In a year marked by a surge in cyberattacks, the U.S. government and lawmakers have been compelled to prioritise cybersecurity. The Colonial Pipeline incident, which occurred earlier this year, has served as a stark reminder of the vulnerabilities in the nation's critical infrastructure.
The Colonial Pipeline, a key provider of fuel for the eastern United States, was forced to temporarily shut down following a cyberattack. Initially, there was widespread public misunderstanding, with many believing the ransomware had infiltrated the operational technology (OT) system, causing the pipeline shutdown. However, it was later revealed that the shutdown was a "stop work" cautionary action to prevent a potential spread of malware, not due to the ransomware infiltrating the OT system.
The incident drew attention from members of Congress and policymakers, prompting the U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) to issue the first cybersecurity requirements for pipeline owners and operators in May. The Transportation Security Administration (TSA) also issued its first-ever cyber requirements for pipeline owners and operators around the same time.
Suzanne Spaulding, the senior adviser for the Department of Homeland Security and the director of the Defending Democratic Institutions project at the Center for Strategic and International Studies, emphasised the importance of a clear and timely response in incident response. She also highlighted the need for Congress and businesses to pay attention to counterintelligence threats, as every company, regardless of size or industry, is a potential counterintelligence target.
Joe Blount, Colonial's CEO, played an active role in the remediation effort, serving as the liaison between the company and government. The incident served as a lesson in incident response and the messages the public needs to receive, with a clear and timely response being crucial to prevent public panic, similar to the long lines at gas stations during the Colonial Pipeline incident.
The Colonial Pipeline and JBS USA cyberattacks exposed weaknesses in U.S. critical infrastructure. These incidents have prompted Biden to draw a red line for cybercriminals or nation-state actors at critical infrastructure. The line of critical infrastructure has been crossed several times this year, underscoring the urgent need for improved cybersecurity measures.
In his first State of the Union address, Biden included cybersecurity among the crises the U.S. is facing. As the nation continues to grapple with the increasing threat of cyberattacks, the lessons learned from incidents like the Colonial Pipeline attack will undoubtedly inform future policy and response efforts.
