with Aaron Schaffer

Top members of the House Homeland Security Committee say the Biden administration needs to produce a plan to secure the economy in the wake of a major cyberattack.

Lawmakers argue the recent hack of the Colonial Pipeline, which provides 45 percent of the fuel for the East Coast and forced the company to shut down operations for nearly a week, highlights the critical nature of such a plan.

Rep. John Katko (R-N.Y.), the ranking Republican on Homeland Security, and Chairman Bennie G. Thompson (D-Miss.), want the Biden administration to implement a strategy for ensuring the continuous operation of critical economic functions in the event of a significant cyber disruption. The power to do so was approved in last year's defense authorization bill, but has not been put in place.

Last week, we witnessed the exact reason this provision was enacted into law and why we supported it. The question now becomes one of implementation, Katko and Thompson wrote in a letter to President Biden. In the wake of the Colonial ransomware attack and its cascading effects along a large portion of the United States, we believe the Administration should act expeditiously to use this authority to ensure the resiliency of the economy.” 

The administration has taken a number of steps to address cybersecurity in light of recent emergencies.

Biden last week signed an executive order outlining more rigorous cybersecurity requirements for software providers that contract with the federal government. The administration has also launched a series of 100-day initiatives to improve cybersecurity in critical infrastructure, including the electric grid and oil and gas pipelines.

While the efforts have received broad support in Congress, Katko and Thompson say they're not a substitute for an emergency strategy.

While thankfully Colonial has begun the process to restore operations, the incident highlights the criticality and interdependencies of our nation’s critical infrastructure, they wrote. We as a nation can and must do more.

The letter requests a briefing from the White House about its plans. The White House declined to comment.

Meanwhile, the Homeland Security Committee yesterday passed a slew of bills to prevent future cyberattacks.

They include the Pipeline Security Act, which aims to bolster the Transportation Security Administration’s role in responding to attacks on pipelines. 

The panel advanced four other bills, including one to identify risks in critical supply chains and another focusing on cybersecurity vulnerabilities that would give the U.S. government the power to create an “incentive-based program that allows industry, individuals, academia, and others to compete in identifying remediation solutions for cybersecurity vulnerabilities.” 

The legislation that advanced also included a bill to establish a grant program for state, local, and tribal organizations to “address cybersecurity risks and cybersecurity threats”; and a bill to establish a “National Cyber Exercise Program” to test cyber readiness and responses to incidents.

“As many Americans witnessed just last week, cyber attacks have the potential to disrupt our daily lives and impact our economic and national security,” Katko said in a statement. “The Committee’s passage of several cyber-focused bills represents critical progress toward improving our cyber resilience and making sure our country is better prepared to mitigate attacks like this in the future."

The keys

The White House is encouraging Congress to double down on cybersecurity funding for energy systems in the American Jobs Plan.

The administration yesterday provided more details about the cybersecurity-related spending in its $2 trillion infrastructure proposal.

Items included $20 billion to help state, local, tribal and territorial governments modernize their energy systems to improve cybersecurity. The plan also earmarks $2 billion to support grid resilience, including cybersecurity defenses, in areas with high risk of power outages, critical infrastructure, and front-line communities.

The Biden administration stressed that the infrastructure plan's broadband funding will come with strict cybersecurity requirements, following an executive order outlining new cybersecurity requirements for federal contractors earlier this month.

A company investigating the breach of a Florida water treatment plant found a website targeting water utilities in the state.

Cybersecurity firm Dragos found that hackers had infected the website of a Florida water contractor to get data on user behavior at Florida water utilities, but that the malicious code “did not deliver exploits or attempt to achieve access to victim computers.”

The campaign was ultimately not related to the Feb. 5 hack of a water treatment facility, in which a hacker tried to poison the water supply with lye. 

Dragos said it could confirm with medium confidence the campaign did not compromise any organizations. Regardless, “it does represent an exposure risk to the water industry and highlights the importance of controlling access to untrusted websites, especially for Operational Technology (OT) and Industrial Control System (ICS) environments,” the firm wrote.

Hackers scan the Internet within minutes of new vulnerabilities being announced, researchers said.

Hackers scanned for vulnerable Microsoft Exchange servers within five minutes of Microsoft’s announcement of the widespread vulnerability, cybersecurity firm Palo Alto Networks said in a new report. That's faster than the average 15 minutes hackers took scanning other vulnerabilities announced from January to March. The report also found that of the 50 million Internet protocol addresses associated with 50 global enterprises, cloud computing was responsible for 79 percent of the most critical security issues.

Hill happenings

Securing the ballot

Cyber insecurity

Mentions

  • Rep. Jim Banks (Ind.) has been named the top Republican on the House Armed Services Committee’s cyber panel. The position was previously held by Rep. Elise Stefanik (R-N.Y.), who replaced Rep. Liz Cheney (R-Wyo.) as the No. 3 House GOP leader.

Chat room

Cisco Director of Threat Intelligence and Interdiction Matthew Olney:

An op-ed in the Hill had cybersecurity Twitter fuming.  LinkedIn CISO Geoff Belknap and SocialProof Security CEO Rachel Tobac:

Red Canary Director of Intel Katie Nickels:

Farhan Nearhan pointed out that the author of the piece, Allen Gwinn, posted a message on LinkedIn:

Daybook

  • SolarWinds president and CEO Sudhakar Ramakrishna speaks at the RSA Conference at 11:50 a.m. today.
  • Major General Maria B. Barrett, the commanding general of NETCOM, speaks at a TechNet Augusta event today at 2:15 p.m. 
  • The House Armed Services Committee’s cyber subcommittee holds a hearing on President Biden’s budget request for Defense Department technology programs on Thursday at 11 a.m.
  • The House Veterans’ Affairs Committee’s technology subcommittee holds a hearing on cybersecurity on Thursday at noon.
  • Senate Homeland Security and Governmental Affairs Committee chairman Gary Peters (D-Mich.) speaks at a workshop hosted by the USC Election Cybersecurity Initiative on Thursday at 1:30 p.m.
  • Col. Jeff Erickson, the director of the Army Cyber Institute, speaks at an event hosted by the Information Systems Security Association Northern Virginia Chapter on Thursday at 6 p.m.
  • Former Undersecretary of Defense for Policy Michèle Flournoy, the co-founder of WestExec Advisors, speaks at the Institute for Security and Technology’s Strat-Tech conference at 2:10 p.m. on May 25.  
  • Secretary of Homeland Security Alejandro Mayorkas testifies before a Senate Appropriations Committee panel on President Biden’s budget request at 2 p.m. on May 26.

Secure log off