Regulation of natural gas pipeline security, currently a responsibility of the Transportation Security Administration (TSA), should be shifted to the Department of Energy (DOE), according to FERC Commissioners Neil Chatterjee and Richard Glick.
Cyberattacks by foreign enemies launched against critical U.S. infrastructure -- including energy facilities -- are increasing, Chatterjee and Glick wrote in Axios' expert voices program Monday. Electricity grid operators are required to comply with Federal Energy Regulatory Commission security standards, but there are no comparable standards for the nation's network of natural gas pipelines.
Last year TSA, the same agency that oversees commercial air traffic, rail lines and highways, said it had just six full-time employees tasked with securing more than 2.7 million miles of U.S. natural gas, oil, and hazardous liquid pipelines, according to the commissioners.
"Given the high stakes, Congress should vest responsibility for pipeline security with an agency that fully comprehends the energy sector and has sufficient resources to address this growing threat. The Department of Energy could be an appropriate choice: It is the Sector-Specific Agency for energy security and recently created its own cybersecurity office."
The ultimate regulator of the pipelines should have the statutory authority, resources and commitment to implement mandatory standards, as FERC has done for the electric grid, the Commissioners said.
TSA is an agency of the U.S. Department of Homeland Security (DHS).
Earlier this year, several agencies within the federal government said they were investigating a series of cyberattacks directed at a third-party software system used by several U.S. natural gas pipeline companies. The cyberattacks were directed at pipelines using the Electronic Data Interchange (EDI), a platform offered by Latitude Technologies Inc., a subsidiary of Norwell, MA-based Energy Services Group LLC. DHS, DOE and FERC all reportedly participated in the investigation.
The Trump administration previously accused Russian government operatives of targeting the U.S. energy sector, government agencies and other critical infrastructure sectors with a series of cyberattacks for at least the last two years. The accusation followed an investigation by DHS and the Federal Bureau of Investigation.
In early March, the House Committee on Science, Space and Technology issued a report that found Russian agents were using social media to try and disrupt energy markets in the U.S.
DOE established a cybersecurity office in February. The Office of Cybersecurity, Energy Security and Emergency Response would be led by an assistant secretary who "will focus on energy infrastructure security, support the expanded national security responsibilities assigned to the department and report to the Under Secretary of Energy," according to DOE.