By Terri Jo Neff
According to the Arizona Corporation Commission, Arizona is served by several interstate pipeline transmission systems including Cross Country Energy Corp’s Transwestern Pipeline, Dominion Energy’s Southern Trails Pipeline, Energy Transfer Partners’ Transwestern Pipeline, Kinder Morgan’s El Paso Natural Gas, Mohave Pipeline, Questar’s Southern Trails Pipeline, Southwest Gas, and TransCanada’s North Baja Pipeline.
There are then several intrastate distribution and transmission pipelines, including Abbott Nutrition, Alliant Gas Arizona, Applied LNG Technologies, Arizona Public Service, Calpine Pipeline, Desert Gas Services, Duncan Rural Services, Gila River Power, Mineral Park Mine, Nucor Steel Kingman, Pimalco Aerospace Aluminum, Plains LPG Services, Swissport Fueling, UniSource Energy, and Zapco / Biogas Energy Tactics.
The recent Security Directive requires those operating critical pipelines to put into place mitigation measures to protect against ransomware cyberattacks and other threats to information technology and operational technology systems. They must also develop and implement a cybersecurity contingency and a recovery plan, and conduct a cybersecurity architecture design review.
“Through this Security Directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security,” according to Alejandro Mayorkas, Secretary of Homeland Security. “Public-private partnerships are critical to the security of every community across our country and DHS will continue working closely with our private sector partners to support their operations and increase their cybersecurity resilience.”
DHS and TSA issued an initial Security Directive in May following a ransomware on Colonial Pipeline, which moves gasoline, diesel, and jet fuel from Texas to the eastern United States. Colonial Pipeline paid a $4.4 million ransom to hackers who accessed the company’s billing software, triggering a pipeline shutdown until it was certain the cyberattack had not targeted the company’s operational software.
TSA’s heightened attention on pipeline cybersecurity issues follows the agency’s efforts over the last two decades to enhance the physical security preparedness of hazardous liquid and natural gas pipeline systems across the country.