Recent events such as the May 2021 ransomware attack that shut down a pipeline supplying gasoline to much of the US East Coast illustrate the need for national cybersecurity plan and a greater government role protecting the United States’ infrastructure, the General Accountability Office (GAO) said in a report.
“To address critical infrastructure cybersecurity, key actions the federal government needs to take include (1) developing and executing a comprehensive national cyber strategy and (2) strengthening the federal role in protecting the cybersecurity of critical infrastructure,” the report said on Thursday.
If the federal government does not act with greater urgency, “the security of our nation’s critical infrastructure will be in jeopardy,” the report said.
Shortcomings cited in the report included Federal Aviation Administration inaction as of November 2021 on a year-old recommendation to prioritize oversight of and implement periodic testing of systems connecting pipelines to jet fuel deliveries.
Another example involved the Energy Department’s failure to implement plans to more fully protect the nation’s electricity grid, also as of November 2021, the report said.
Looking back at the May 2021 ransomware attack on the Colonial Pipeline, which supplies supplying gasoline to the Eastern United States, the report questioned the company’s decision to close the pipeline despite advice from the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI that the attack had been limited to the corporate information network but had not compromised pipeline control systems, the report added.
Overall, federal agencies have not addressed about 50 of the 80 recommendations made in GAO public reports dating back to 2010 including 14 of 11 priority recommendations as of November 2021, according to the report.
What is being done to Alex Jones has never been done before, top attorney warns.