Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • On the Importance of Protecting U.S. Pipeline Owners and Operators
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware

On the Importance of Protecting U.S. Pipeline Owners and Operators

5 years ago Alex Bagwell
On the Importance of Protecting U.S. Pipeline Owners and Operators

In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast.

Less than a week later, Bloomberg reported that the company had paid millions of dollars to a ransomware group in order to regain access to their systems. U.S. government officials were aware of the payment, a source told Bloomberg. Acting through the Department of Justice (DOJ), those individuals retrieved part of the payment from the attacker’s bitcoin wallet.

The TSA’s Response

Alejandro Mayorkas, Secretary for the Department of Homeland Security (DHS), responded to the pipeline security incident discussed above by meeting with other officials to consider how they might leverage the Transportation Security Agency (TSA) to improve the digital security of the pipeline industry. Those individuals together decided that the TSA, a unit of the DHS, would issue a new security directive concerning companies in that sector. According to the Washington Post, the directive requires pipeline organizations to disclose security incidents such as ransomware attacks to TSA and the Cybersecurity & Infrastructure Security Agency (CISA). It also mandates that those organizations have someone like a CISO who has a 24/7 direct line to both TSA and CISA for the purpose of reporting an attack.

Senior officials at the DHS went on to say that the security directive will precede the release of a set of robust security controls concerning pipeline organizations. Those controls will break from previous pipeline security guidelines, noted by The Washington Post, as they won’t be voluntary. Pipeline organizations will need to use them to harden the security of their systems or risk incurring financial penalties.

Tripwire’s Response to the TSA’s Security Directive

Tripwire recognizes the importance of protecting U.S. pipeline owner/operators as well as their importance to the U.S. economy and citizens’ livelihood and well-being. A leading provider of IT and OT system integrity solutions, Tripwire stands ready to partner with the DHS on several key provisions of the TSA’s security directive. These requirements include the following:

Leverage a Designated Executive Available in the Event of a Security Incident

While Tripwire can’t designate an executive in the event of an intrusion, its cybersecurity solutions help the designated executive to gain visibility into what, when, and where there has been impacted due to a cybersecurity event. These details allow the designated executive to quickly identify the impacted assets down to MAC IDs, IP Addresses, Serial Numbers, and Host Names to assess corruption while also producing log files to better diagnose the situation.

Designate a Cybersecurity Coordinator with 24/7 Availability to TSA and CISA

Tripwire can monitor continuously both in the IT and OT environments against policies, changes, or malicious activity. Tripwire can actively identify IT assets with agent or agentless capabilities perform passive deep packet inspection (DPI) against over 100+ IT and OT protocols, and bring back rich data of these assets. With Tripwire’s continuous 24/7 monitoring, the cybersecurity coordinator can easily respond back to the TSA and CISA with updates on potential intrusion to both the IT and OT environment.

Review Activities against TSA’s Recommendations in Section 7 of Security Guidelines

Tripwire covers all associated OT systems listed from SCADA, PCS, and DCS along with integration and visibility to the IT environments. System integrity—the continuous revalidation of trustworthiness—is essential to knowing that critical systems are as they should be. Additionally, Tripwire works closely with and provides out-of-the-box policy compliance for NIST recommendations provided within this document’s introduction.

Pipeline owner/operators will also be required to understand what assets are critical and non-critical on their networks. Tripwire can quickly help with scanning, identifying, and tagging assets on the OT systems for classification of critical and non-critical assets. From there it can provide out-of-the-box support for Owner/Operators in creating the TSA-required baseline policies and measurements on these newly classified assets. By monitoring for a desired system state and alerting to changes that may deviate from that state, it provides the ultimate backstop to other cybersecurity solutions, which tend to focus on detecting malicious activity.

Learn more about how Tripwire can secure your pipeline organization.

The post ” On the Importance of Protecting U.S. Pipeline Owners and Operators” appeared first on TripWire

Source:TripWire – Alex Bagwell

Tags: Critical Severity, Finance, Goverment, Malware, Ransomware, TripWire

Continue Reading

Previous SonicWall ‘Botches’ October Patch for Critical VPN Bug
Next Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE

More Stories

  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

2 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

6 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents

7 hours ago [email protected] (The Hacker News)
  • Data Breach
  • Vulnerabilities

The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills

8 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

9 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

12 hours ago [email protected] (The Hacker News)

Recent Posts

  • Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
  • Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
  • 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
  • The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
  • TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT