The Department of Homeland Security on Tuesday announced new requirements for US pipeline operators to strengthen cybersecurity after a ransomware attack in May that disrupted gas distribution on the East Coast.
DHS said operators of federally designated critical pipelines would be required to implement “specific mitigation measures” to prevent ransomware attacks and other cyber intrusions. Operators must also implement contingency plans and the department should conduct a “cyber security architecture design review”.
It is the latest response by the Biden administration to a series of ransomware attacks on critical US infrastructure, including the May attack on the Georgia-based Colonial Pipeline.
Colonial paid an estimated $4.4 million in ransom, much of which was recovered by the Justice Department. The FBI has blamed a group of Russian-based hackers for the attack.
Russia has largely denied involvement in the cyberattacks on US institutions.
Russian hacker Levashov has been sentenced to time
A Russian hacker known internationally as a “bot master” was sentenced Tuesday to 33 months, already in custody on federal charges, for stealing computer credentials, distributing spam and malicious software. A network of equipment used to install had operated.
Peter Levashov, 40, pleaded guilty in 2018 to intentional damage to a protected computer, conspiracy, wire fraud and aggravated identity theft. Prosecutors said they operated multiple networks of hijacked computers, known as botnets, that were capable of pumping out billions of spam emails.