The Vital Importance of Pipeline and Transmission Infrastructure to Decarbonization - Energy Law Insights
Eminent Domain: First Principles, Kelo, and In Service of Infrastructure Buildout
On-Demand Webinar | Linear Infrastructure Redux: Adapting Your Projects to Meet the New Regulatory Climate
Nota Bene Episode 97: The Seismic Changes Renewables Are Bringing to Energy Transmission and Its Infrastructure with Mark Sundback
Policy Minute: TSA Cybersecurity Roadmap for Pipelines
The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”). The Directive is based on and supersedes the...more
● Offshore Oil and Gas at Risk of Potentially Catastrophic Cyberattack: GAO - “The industry includes about 1,600 offshore oil and gas facilities that are highly dependent on remotely connected operational technology, the...more
Last year Colonial Pipeline halted one of the United States’ largest pipeline systems due to a ransomware attack. Within days a state of emergency was declared in 17 states. A few days later the pipeline resumed service, and...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
Following significant collaboration with the industry, the Transportation Security Administration (TSA) issued a revised directive, effective July 27, 2022, which updates one of the prior directives issued in the wake of a...more
Should hazardous liquids pipelines be prepared to operate “manually” in the event of a future cyberattack? An almost million dollar fine proposed by the Pipeline and Hazardous Materials Safety Administration (“PHMSA”) on...more
A proposed $1M civil penalty against Colonial Pipeline for its procedural failures during a ransomware attack could indicate what’s in store for critical infrastructure operators who fail to keep employees up to date on how...more
Federal agencies have been actively looking at cyber threats to critical infrastructure. In a January 27 announcement the White House said: “it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the...more
Privacy In Focus®- In 2021, cyber gained prominence as a top business risk and national security concern with ransomware attacks wreaking havoc on business operations and critical infrastructure. Companies large and small,...more
Cybersecurity threats to critical infrastructure systems are nothing new. But events over the last few years have been notable due to the seemingly increased frequency of successful attacks and the way those attacks have been...more
The Transportation Security Administration (TSA) on July 20, 2021, reversed two decades of pipeline cybersecurity policies. Having previously advocated for voluntary pipeline cybersecurity standards, the TSA quickly issued...more
Following a series of major ransomware attacks, including against Colonial Pipeline, which provides the East Coast with 45 percent of its gasoline, jet fuel and diesel, President Biden issued a National Security Memorandum...more
The increased concern about ransomware incidents from both quantitative and severity standpoints, spurred the White House to urge corporate business leaders to improve their defenses and resilience posture against ransomware...more
On July 20, 2021, the Department of Homeland Security’s Transportation Security Administration (“TSA”) announced the issuance of a second Security Directive regarding further enhancements to pipeline cybersecurity (the “July...more
CYBERSECURITY - Second Security Directive Issued by TSA to Pipeline Operators - The U.S. Transportation Security Administration (TSA) issued its second Security Directive to the pipeline industry on July 20, 2021,...more
The U.S. Transportation Security Administration (TSA) issued its second Security Directive to the pipeline industry on July 20, 2021, following the Colonial Pipeline cybersecurity incident. ...more
This week, the House of Representatives approved three measures aimed at improving cybersecurity in the energy industry...more
On March 18, 2021, the Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) announced three new research programs that are “designed to safeguard and protect the U.S. energy...more
You just can’t make this stuff up – the Justice Department, displaying its growing sophistication of the cyber world, announced it recovered most of the ransom paid to criminal hackers of Colonial Pipeline Co. (Colonial)....more
There is a growing clamor in Congress and the Executive Branch to do something after the Colonial Pipeline incident and other high-profile cyber-attacks. Rushing to impose broad new obligations is perilous. Policymakers...more
In an unusual and exciting twist to the Colonial Pipeline ransomware attack, the Department of Justice (DOJ) announced this week that it was able to retrieve $2.3 million of the $4.4 million paid by Colonial Pipeline to...more
On June 7, the Department of Justice (DOJ) announced that it seized 63.7 of the 75 bitcoins paid by Colonial Pipeline to ransomware attackers last month. The recovered bitcoins were valued at $2.3 million at the time of...more
In a rare cyber win for the good guys (at least one that’s publicly acknowledged), the DOJ revealed on Monday that it “had seized much of the ransom that a major U.S. pipeline operator had paid last month to a Russian hacking...more
On May 10, 2021, the hacking group DarkSide succeeded in shutting down the Colonial Pipeline with a ransomware attack that highlighted the vulnerability of the U.S. energy sector to cyberattacks. The attack led to a panic...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more