Cybersecurity

Katko probes federal oversight of oil and gas industry cybersecurity

House Homeland Security Committee ranking member John Katko (R-N.Y.) on Tuesday dug into federal oversight of oil and gas sector cybersecurity following the shutdown of the Colonial Pipeline after a ransomware attack last week. 

In a letter provided to The Hill and sent to acting Cybersecurity and Infrastructure Security Agency (CISA) Director Brandon Wales, Katko raised questions around the agency’s Pipeline Cybersecurity Initiative and assessments conducted on pipeline assets as part of the program.

“In the wake of the Colonial Pipeline ransomware incident, ensuring the success, growth, and effectiveness of the Pipeline Cybersecurity Initiative is more important than ever before,” Katko wrote.   

The Pipeline Cybersecurity Initiative was founded in 2018 and involves CISA working with the Transportation Security Administration, the Department of Energy and critical infrastructure stakeholders to assess and secure U.S. pipeline systems.

Katko asked that CISA provide the committee with a briefing on the status of the Pipeline Security Initiative by June 1.

He also asked that the agency provide information on the number of Validated Architecture and Design Reviews that had been conducted as part of the initiative and if CISA planned to expand this program beyond natural gas pipelines following the Colonial Pipeline incident. 

“Better understanding common security flaws and common misconfiguration issues is in everyone’s best interests, and these aggregated insights will help enhance national resilience,” Katko wrote to Wales.

The letter was sent as the federal government continues to grapple with the fallout from the ransomware attack on Colonial Pipeline, which transports around 45 percent of the East Coast’s fuel supply between Texas and New York. 

The FBI assessed Monday that the company’s IT system had been hit by the “DarkSide” ransomware variant, with Colonial Pipeline choosing to shut down its operational technology in order to isolate the impacted systems and contain the damage. 

Katko wrote Tuesday that the cyberattack, one of the largest in U.S. history against a utility, underlined the need to protect critical infrastructure. 

“The recent ransomware attack against Colonial Pipeline Company only further highlights the threat posed to our nation’s critical infrastructure by cyber adversaries and the potential cascading effects these attacks can cause to our economic security and way of life,” Katko wrote. 

A spokesperson for CISA did not immediately respond to The Hill’s request for comment on the letter.

CISA has been among the agencies leading the federal response to the Colonial Pipeline incident, with the overall response spearheaded by the Department of Energy. 

Elizabeth Sherwood-Randall, President Biden’s homeland security adviser and deputy national security adviser, told reporters at the White House on Monday that CISA would soon issue an alert for the critical infrastructure community to understand any further risks from the attack on the Colonial Pipeline Co.