Senate legislation meant to provide resources and enhance coordination for major cyberattacks, such as the one recently experienced in the Colonial Pipeline attack, has unanimously advanced out of the Senate Homeland Security and Governmental Affairs Committee.
The bill, which will now face the consideration of the full Senate, was originally introduced by U.S. Sens. Gary Peters (D-MI) and Rob Portman (R-OH). Specifically, the bill would create the Cyber Response and Recovery Fund for the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA). Some $20 million in funds would also be set up to provide direct support to public or private organizations over the next seven years as they respond to or recover from significant cyber attacks and breaches, as recognized by the Secretary of Homeland Security. DHS will have to report to Congress on the fund’s use.
“This most recent attack against a major U.S. pipeline, which has real-world consequences on the lives of millions, shows that whether it is criminal organizations or foreign governments – bad actors will always look to exploit cybersecurity vulnerabilities to cause disruptions to American life,” Peters said. “That is why it is essential we work to keep our nation’s critical infrastructure safe from cyber-attacks and enable our national security apparatus to better coordinate response and recovery efforts for breaches.”
Cyberattacks in this increasingly digital-reliant world can present significant costs to public and private organizations and cause major disruptions to daily life. Take the case of the Colonial Pipeline, which was hit by a ransomware attack from a hacking collective called DarkSide this week. That resulted in the company pulling its 5,500-mile system offline, endangering the East Coast’s fuel supply as the hackers demanded a $100 million ransom.
In events like these, the new legislation would grant the Secretary of Homeland Security, in consultation with the National Cyber Director, the power to declare a Significant Incident in the event of an ongoing or imminent attack that would impact national security, economic security, or government operations. At that point, CISA would be empowered to step in and coordinate federal and non-federal response efforts.
“Our nation is increasingly vulnerable to cyberattacks every day, as the Colonial Pipeline ransomware attack showed,” Portman said. “Cyberattacks are getting worse and more frequent while the government and critical infrastructure are more dependent on information technology. Our legislation passed by the Homeland Security and Governmental Affairs Committee will provide an important emergency resource when major cyberattacks occur and overwhelm the organizations attacked.”