Citing the potential for Iran to attack critical U.S. infrastructure after the killing of Quds Force commander Qassem Soleimani, the Department of Homeland Security asked the chemical sector to beef up physical and cyber protections at these sensitive facilities.
The Chemical Security Insights bulletin from the Cybersecurity and Infrastructure Security Agency, “Enhancing Chemical Security During Heightened Geopolitical Tensions,” urges all “facilities with chemicals of interest (COI)—whether tiered or untiered under the Chemical Facility Anti-Terrorism Standards (CFATS) program—to consider enhanced security measures to decrease the likelihood of a successful attack.” COIs include toxic, flammable or explosive chemicals that could be released; chemicals that can be stolen and converted into weapons; and chemicals or materials at risk of sabotage that can be mixed with readily available materials.
It comes on the heels of a National Terrorism Advisory System bulletin that warned homegrown violent extremists “could capitalize on the heightened tensions” after the targeted killing of Islamic Revolutionary Guard Corps Quds Force leader Qassem Soleimani “to launch individual attacks.” Last week, a CISA alert told industries from energy to healthcare and beyond to prepare for a virtual strike from Iran by taking several technical actions “that will likely have the highest return on investment.”
Chemical-sector security has been a high priority for CISA even before the current escalation in tensions with Iran. DHS’ Chemical Facility Anti-Terrorism Standards program, or CFATS, was made permanent by Congress in 2014 and was extended for two years last January. Since the program’s inception and as of June, 4,023 high-risk facilities had undergone CFATS authorization inspections, 4,990 had undergone compliance inspections, and 5,539 had compliance assistance visits.
“Securing our nation’s chemical infrastructure is crucial to our economy, security, and public health. Chemical facilities throughout the United States, ranging from petrochemical manufacturers to chemical distributors, use, manufacture, store, and transport chemicals along a complex global supply chain,” Brian Harrell, CISA’s assistant director for infrastructure security, said in July, the month of the 12th annual Chemical Sector Security Summit. “The chemical industry is responsible for more than a quarter of the U.S. GDP, they support the production of almost all commercial and household goods, and this industry is essential to our economic growth. Despite the many benefits of key chemicals, they do not come without security risks.”
The Insights bulletin notes that Iran has targeted a variety of industries and organizations in the past, and said CISA “is monitoring the intelligence information and will inform high-risk chemical facilities if there are changes that warrant activation” of Risk-Based Performance Standards under CFATS.
Chemical facilities are urged to take steps before further escalation including adopting a state of heightened awareness, increasing vigilance and making sure reporting steps are in place, and exercising incident response plans.
To protect against cyber threats, chemical facilities are urged to back up critical information, conduct a risk analysis and properly train staff, scan for and patch vulnerabilities, whitelist approved network programs, and ensure plans are in place for business continuity in the event of an attack.
As far as physical threats, the chemical sector is advised to identify their specific vulnerabilities, learn about best practices, connect with their community to stay up to date on threats and inspections, and train employees with practical exercises.
“Remind personnel to call local law enforcement if you notice suspicious activity in or near your facility’s entry/exit points, loading docks, parking areas, restricted areas, or immediate vicinity,” says the bulletin.
Facilities are also urged to add extra monitoring, including increasing “roving patrols around chemical inventories and restricted areas,” temporarily restricting access, screening all vehicles coming and going from the gates, and adding or upgrading exterior building and perimeter lights. They can also tighten inventory and process controls, restrict access to critical assets, reinforce external barriers and more.
Stakeholders can find more information on CFATS here, and can arrange for help in shoring up a facility’s defenses with CISA Chemical Security Inspectors (CSI). Contact CISA immediately if a physical or cyber compromise is threatened or suspected.