WASHINGTON, D.C.— Today, Congresswoman Elaine Luria’s Pipeline Security Act passed unanimously out of the House Committee on Homeland Security (HCHS). The bipartisan legislation would support the Department of Homeland Security’s (DHS) efforts to secure pipelines and pipeline facilities from cyberattacks, terrorist attacks, and other nefarious efforts.
“Cybersecurity is a dangerous and emerging threat, and the recent attack on the Colonial Pipeline proves we need to do more to protect our vital infrastructure,” Congresswoman Luria said. “There’s no reason that protecting our infrastructure can’t be a bipartisan effort, and I look forward to working with my colleagues to advance this legislation forward.”
The Pipeline Security Act would:
Explicitly codify TSA and the Cybersecurity and Infrastructure Security Agency’s (CISA) roles in securing pipelines.
Codify TSA’s Pipeline Security Section and require TSA to develop a personnel strategy for staffing it.
Require TSA to update pipeline security guidelines within a year of enactment.
Improve mechanisms for stakeholder engagement and congressional oversight of TSA’s efforts.
Congresswoman Luria introduced the legislation along with Congressman Emanuel Cleaver (MO-05), House Committee on Homeland Security (HCHS) Bennie Thompson (MS-2), Ranking Member John Katko (NY-24), and eleven of her HCHS colleagues
Paul Plante says
A lot of political BULL**** that does nothing to keep America safe.
Just blather to keep the Congresswoman’s name in print.
Is she just now waking up to the fact that there are very skilled hackers out there?
As far as I can recall, there have been hackers now for at least the last twenty years.
And by the way, the Colonial Pipeline Caper was about money, as we see from the OilPrice.com story “Colonial Pipeline Paid Hackers Nearly $5 Million In Ransom After Attack” by By Tsvetana Paraskova on May 13, 2021, to wit:
Colonial Pipeline has reportedly paid ransom, to the tune of almost US$5 million in untraceable cryptocurrency, to the hackers that forced the operator to shut down the main U.S. fuel pipeline on Friday, Bloomberg reported on Thursday, citing two sources with knowledge of the transaction.
Colonial Pipeline has reportedly said previously that it would not pay ransom to the hackers to restore the operations of the key gasoline and diesel pipeline that carries around 45 percent of the fuel consumed on the Eastern Seaboard.
According to Bloomberg’s sources, after receiving the ransom, the hackers—believed to be based in either Eastern Europe or Russia—sent Colonial Pipeline a decrypting tool to restore the computer network.
A representative for the pipeline operator declined to comment on the report for Bloomberg.
The main pipeline carrying gasoline and diesel to the U.S. East Coast shut down after a ransomware attack late on Friday, sparking a run to gas stations and sending gasoline prices surging.
As of May 13, the national average price of regular gasoline had jumped to $3.028 per gallon, topping the $3 mark for the first time since 2014.
The attack also highlighted the challenges in protection against cyberattacks, and prompted U.S. President Joe Biden to sign on Wednesday an Executive Order to improve the nation’s cybersecurity and protect federal government networks.
“Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals,” the White House said.
end quotes
Wow, how to go, Joe!
Just waking up to realize there is a world out there!
As to hacking, a friend of mine is in the computer security business and has been for many years, this without waiting for Joe Biden and Elaine Luria to finally wake up to an issue most people have know about for years, and this is what he says, and Wayne Creed can back it up or not, about computer code:
“All computer code is hackable.”
“If it’s written by a human it can be hacked.”
“All computer code can be reversed from machine language into the actual commands that cause all computer systems or any computer system to work.”
” There’s no such thing as writing code that can’t be hacked.”
“Computer systems can operate in a singular fashion or as members of a network.”
“They can be attacked individually or as a group.”
“Once they are compromised they can themselves propagate and attack either singularly or as a unit.”
“A couple weeks ago one of the vendors we use for the management of our computer directory systems was attacked.”
“The attack was what is known as a denial of service.”
“Simply to send a whole bunch of commands to a computer system and overload it so that it cannot do any other work other than try and process the inbound commands.”
“It was extremely difficult to stop because whoever perpetrated the attack had compromised hundreds of systems in geographical US.”
“So therefore these were anonymous systems, the owners have no idea they were participating in attack, and they were all sending commands to a vendor we deal with where our systems run on their computers.”
“And their network kept crashing under the weight of the attack.”
“Think about it for a second.”
“Whoever perpetrated the attack had to first compromise hundreds of systems in the continental US, then turn around and attack the perimeter security systems of the vendor that we use.”
“They attacked them to the point where they caused the vendors perimeter to overload and therefore shut down, which shut down our service.”
“How did we stop it?”
“We evaluated the strings of data that they were using to create the attack and found a variable in them that was somewhat unique.”
“Then the vendor programmed their perimeter systems to detect that variable and deny those requests at a very high level.”
“Therefore returning the network to working order.”
“This took about 2 days to figure out.”
“So if you think about it.”
“It’s a pretty interesting scenario to scheme up, and then execute.”
“There are lots of smart people in the world that love to do that kind of stuff.”
“For many of them it’s not a matter of right or wrong, it is simply a job.”
“Whether they work for organized crime, the Russians, the Chinese, the Iranians, or sit in a convent and have nothing to do in their spare time but scheme up ways to do this junk and then far away watch the world react!”
Paul Plante says
And why on earth does the so-called Department of Homeland Security (DHS) need Elaine Luria to tell it how to do its job?