The US Transportation Security Administration issued a directive requiring oil pipeline operators to implement specific measures to protect against ransomware and other threats to their business and operational technology (OT) networks. The directive is the TSA’s second for pipeline operators in the last two months and is a sign of heightened concerns over cyber vulnerabilities in US oil and gas infrastructure following the crippling ransomware attack on Colonial Pipeline in May. The new directive also appears linked to growing concerns about the threat to US critical infrastructure from cyber-threat groups backed by the Chinese government. The US Cybersecurity and Infrastructure Agency (CISA) issued an alert on a Chinese spear-phishing and cyber-intrusion campaign between 2011 and 2013 that targeted 23 US gas pipeline operators.”]