The Department of Energy (DOE) will prioritise its research programmes on cybersecurity in the fiscal year 2022. In a House Appropriations subcommittee hearing, a member pointed out that the DOE’s budget overview lacked any mention of cybersecurity. However, DOA reassured that DEO and its industry partners are totally focused on cybersecurity.
DOE is completely committed to getting industry partners the tools, intelligence and cyber response that they need to address the cyber threats that are out there. DOE is refocusing on providing grid operators with threat intelligence and response capabilities. DOE will be making sure that cyber R&D is a focus for all of their technology programmes.
In written testimony, DEO noted a 100-day plan announced by the White House in April to shore up the country’s electrical grid. The 100-day plan includes aggressive but achievable milestones and will assist owners and operators as they modernise cybersecurity defences, including enhancing detection, mitigation and forensic capabilities.
Deputy national security advisor has previously discussed the public-private partnership effort which is being launched around the same time the administration is expected to publish a wide-ranging executive order also focused on cybersecurity.
U.S. government needs the visibility of the systems on cybersecurity because of the significant consequences if they fail, or if they’re degraded. A high standard of visibility is the threshold of success they seek from a cyber perspective. Many efforts still need to be done achieve the results.
Cybersecurity has become an increasingly popular topic for both the executive branch and lawmakers as many cyberattacks have appeared, including ransomware attack against the U.S. Gasoline Pipeline . As reported by OpenGov Asia, U.S. Gasoline Pipeline learned it was the victim of a cybersecurity attack on May 7 and has since determined that the incident involved ransomware, code that holds computer systems hostage.
In response, the pipeline company proactively took certain systems offline to contain the threat. These actions temporarily halted all pipeline operations and affected some of their IT systems, which they are actively in the process of restoring.
According to an article, The US government has declared a state of emergency after the ransomware attack. The emergency status enables fuel to be transported by road. Experts said fuel prices were likely to rise 2-3% on May 10, but the impact will be far worse if it goes on for much longer.
Multiple sources have confirmed that the ransomware attack was caused by a cyber-criminal gang, who infiltrated Colonial’s network on Thursday and took almost 100GB of data hostage. After seizing the data, the hackers locked the data on some computers and servers, demanding a ransom.
The co-founder of a London-based cyber-security firm says that that the pipeline company’s cyberattack has come about due to the coronavirus pandemic. This is because of the rise of engineers remotely accessing control systems for the pipeline from home. He believes that the cybercriminal gang bought account login details relating to remote desktop. Third-party cybersecurity experts were also immediately engaged after discovering the issue and launched an investigation into the nature and scope of this incident.
The pipeline company remained in contact with law enforcement and other federal agencies, including the Department of Energy who is leading the Federal Government response. The company’s highest priority is to maintain the operational security of its pipeline. Their personnel have taken additional precautionary measures to help further monitor and protect the safety and security of its pipeline.
The pipeline company’s operations team is developing a system restart plan. While their mainlines remain offline, some smaller lateral lines between terminals and delivery points are now operational. They are in the process of restoring service to other laterals and will bring our full system back online only when they believe it is safe to do and in full compliance with the approval of all federal regulations.
This incident highlights the increasing risk ransomware is posing to critical national industrial infrastructure, not just businesses. It also marks the rise of an insidious criminal IT ecosystem worth tens of millions of pounds. It is unlike anything the cyber-security industry has ever seen before.