The Department of Homeland Security is mandating that pipeline companies report cyber breaches to federal authorities within 12 hours, according to government officials.
The directive comes in the wake of the Colonial Pipeline ransomware attack, which resulted in supply chain delays and panic buying at gas stations along the East Coast and southern United States.
DHS officials rolled out what they call a "multi-pronged approach" to pipeline cyber security, which companies will now be responsible for putting into action.
Companies will be mandated to report pipeline-related cyberattacks to the Cybersecurity and Infrastructure Security Administration within 12 hours of the breach; put in place a 24/7 cyber coordinator who can respond to incidents and coordinate with the TSA; and fix the breached pipeline within 30 days and outline a plan to proceed.
"This is the first time that there's been mandatory reporting of cybersecurity incidents," one senior DHS official said. "These are important steps forward and they should be understood as part of a broader strategic plan to ensure that the pipeline sector does what's needed to protect against the kind of cyber incident that we saw with respect to Colonial and enable the department to better identify, prevent and respond to such kinds of cyber incidents in the future."
Failure to comply with the directives could result in steep financial penalties for companies, senior DHS officials explained, adding the directive affects some of the "most critical pipelines in the country."
The directive affects about 100 companies, officials said.
Officials stressed it was a balancing act between being transparent and not providing a playbook for potential attackers to use against other companies.
While the department did not say whether it will issue more directives for other companies, its hope is that the increase in ransomware attacks will put companies on high alert.
DHS officials called the increase in ransomware attacks a threat to national security and said that pipeline companies have been battling ransomware for some time.