💰💣
Electric/Gas Utilities and Oil/Gas Pipelines Security Incident
28/05/2021
1578 days ago
Resolved
Incident Overview
Situation Description
The TSA has issued new security directives requiring electric/gas utilities and oil/gas pipelines to conduct comprehensive assessments of their assets to defend against cyberattacks, following a ransomware attack on Colonial Pipeline.
Event Types
Ransomware
Malware / Destructive Attack
Industry Sector
EnergyGeographic Scope
National (US)Response Actions
Revised Incident Response Plan
Enhanced Third-Party & Supply Chain Risk Management
Impact Analysis
Event Types (2 identified)
Ransomware
Malware / Destructive Attack
Financial Impact
$0 USDRecords Affected
0Primary Impacts
Operational Disruption
Key Decisions Made
Utilities and pipelines must complete self-assessments of security measures under 2018 TSA cybersecurity guidelines.; New requirements for internal security staffing and reporting of cyberattacks to CISA have been established.; Utilities and pipelines must conduct criticality analyses to determine if assets meet new criteria for critical energy infrastructure, with strict deadlines for compliance.
Technical Analysis
Attack Method
Unpatched Vulnerability
Vulnerability / Tool
VPN
Additional Information
Quick Facts
- Company:
- Electric/Gas Utilities and Oil/Gas Pipelines
- Date:
- 28/05/2021
- Status:
- Resolved
- Decision Maker:
- Transportation Security Administration (TSA)
- Position:
- nan
- Published:
- 12/08/2021
Source Information
Original Query
TSA pipeline security directive implementation audit reports post-Colonial attackTimeline
Information Published
12/08/2021
Incident Occurred
28/05/2021 (1578 days ago)
Status: Resolved
Estimated resolution based on age