House panel advances measure to guard U.S. ports from cyberattacks

House panel advances measure to guard U.S. ports from cyberattacks
© Getty

A House panel easily advanced legislation on Thursday aimed at protecting ports in the United States from cyberattacks, in the wake of a massive malware outbreak that crippled some operations at the Port of Los Angeles.

The House Homeland Security Committee approved the bill, introduced by a California Democrat, at a meeting Thursday morning as members commended it as a step toward boosting cybersecurity of America’s infrastructure.

Rep. Norma Torres (D-Calif.) introduced the legislation in late June, after the “notPetya” malware attack ravaged computer systems in Europe and the United States. The computer virus shut down the largest terminal at the Port of Los Angeles after it made its way into the operations of global shipping company A.P. Moller-Maersk. The shipping terminal was closed for several days after the cyberattack.

Torres’s bill directs the Secretary of Homeland Security to take steps to boost cybersecurity information sharing and coordination at U.S. ports. For instance, it mandates that at least one maritime community representative participate in DHS’s information sharing hub for cyber threats to critical infrastructure, known as the National Cybersecurity and Communications Integration Center.

A version of the bill passed the House last Congress but never moved in the Senate. 

ADVERTISEMENT

A Democrat who represents the district of the Port of Los Angeles cheered the legislation on Thursday.

“Just a couple months ago, there was a cyberattack there that shut down the largest terminal and really had an impact on the movement of goods and what it means to the economy is enormous,” said Rep. Nanette Diaz Barragán (D-Calif.). “Having a maritime rep in the National Cybersecurity and Communications Integration Center is deeply important.”

The committee approved the bill with no amendments, among four pieces of legislation under consideration at the markup.

“America’s adversaries have proven to be very agile. With new advances in technology, they seek to expose weaknesses in our transportation systems, our ports of entry, and our online networks,” Chairman Michael McCaul (R-Tex.) said in opening remarks. “The bills we are marking up today are important steps to securing each of those areas.”

Following the meeting, McCaul signaled that he will visit the Port of Los Angeles later this year in order to review its cybersecurity operations.

The “notPetya” malware first broke out in Ukraine, spreading to companies through a malicious tax software update that was infected by hackers and unknowingly pushed out by a tax software firm. Eventually, the malware spread to companies in other countries in Europe and the United States.

Maersk said last month that the cyberattack cost the company up to $300 million in the third quarter.

“With more than $1.3 trillion in cargo moving annually through our commercial ports and the increased use of cyber technology to manage port operations ranging from communication and navigation to engineering, safety, and cargo, it is critical to protect our maritime cyber infrastructure,” Torres said when she first introduced the bill.