Legislation to secure critical systems against cyberattacks moves forward in the House

Legislation to secure critical systems against cyberattacks moves forward in the House
© Greg Nash

Multiple bills meant to secure critical infrastructure against cyber threats were approved by the House Homeland Security Committee on Tuesday afternoon, just a week after a ransomware attack on the Colonial Pipeline caused fuel shortages across the nation. 

The committee unanimously approved the Pipeline Security Act, introduced last week by Rep. Emanuel Cleaver (D-Mo.) and a dozen other bipartisan cosponsors, which would boost pipeline security efforts at both the Transportation Security Administration (TSA) and the Cybersecurity and Infrastructure Security Agency (CISA).

Additionally, the committee approved legislation, spearheaded by Rep. Elissa SlotkinElissa SlotkinHouse erupts in anger over Jan. 6 and Trump's role House passes host of bills to strengthen cybersecurity in wake of attacks Democrat unveils bill to allow only House members to serve as Speaker MORE (D-Mich.) requiring CISA to establish a National Cyber Exercise Program to test critical infrastructure readiness against cyberattacks.

ADVERTISEMENT

The State and Local Cybersecurity Act, a major bipartisan effort to help defend against cyber attacks sponsored primarily by Rep. Yvette ClarkeYvette Diane ClarkeHouse passes host of bills to strengthen cybersecurity in wake of attacks Haiti Caucus: Forging path out of crisis will not be quick, but necessary to avoid false 'democracy' US lawmakers express shock at Haitian president's assassination MORE (D-N.Y.), chair of the committee’s cybersecurity subcommittee, was also unanimously approved. The legislation would provide $500 million annually for five years to state and local governments to address increasing cyber threats.

Finally, the committee also approved legislation sponsored primarily by Rep. Sheila Jackson LeeSheila Jackson LeeBiden signs bill to bolster crime victims fund The faith community can help pass a reparations bill Hillicon Valley: Russian hacking group believed to be behind Kaseya attack goes offline | DHS funding package pours millions into migrant surveillance | Jen Easterly sworn in as director of DHS cyber agency MORE (D-Texas) to help improve the reporting of cybersecurity vulnerabilities. The legislation was previously approved by the House in 2019, but was never taken up by the Senate. 

Jackson Lee testified Tuesday of the need for the legislation following reports that Colonial Pipeline paid the cyber criminals behind the ransomware attack around $5 million to regain access to its networks and begin operations after temporarily shutting down. The company has not publicly confirmed that it paid the ransom, but it has not denied reports. 

“When Colonial Pipeline was asked by the White House to respond about whether they paid ransom, it was a slow, slow response, almost attempting to hide from the government what they had done,” Jackson Lee noted. 

The leaders of the House Homeland Security Committee on Tuesday underlined the need to move the legislation quickly, particularly following escalating cyberattacks in recent months such as the SolarWinds hack and the recent ransomware attack that forced the temporary shut down of the Colonial Pipeline. 

ADVERTISEMENT

“Just over 10 days ago, a ransomware attack against one of the nation’s largest pipeline companies has brought a new urgency to our work,” Committee Chairman Bennie ThompsonBennie Gordon ThompsonDemocrats plow ahead with Jan. 6 probe, eyeing new GOP reinforcements Pelosi considering Kinzinger for Jan. 6 panel: report House erupts in anger over Jan. 6 and Trump's role MORE (D-Miss.) said during the markup on Tuesday. “Since the beginning of this Congress, this committee has engaged in extensive oversight of these events and how the Federal government partners with others to defend our networks. Today, we are considering measures resulting from that oversight.”

Ranking member John KatkoJohn Michael KatkoSenators introduce bipartisan bill to secure critical groups against hackers House erupts in anger over Jan. 6 and Trump's role McCarthy yanks all GOP picks from Jan. 6 committee MORE (R-N.Y.) also expressed his support for the measures.

“As many Americans witnessed just last week, cyber attacks have the potential to disrupt our daily lives and impact our economic and national security,” Katko said. “The committee’s passage of several cyber-focused bills represents critical progress toward improving our cyber resilience and making sure our country is better prepared to mitigate attacks like this in the future.

All four bills are next headed to the House floor for a vote. While timing on when the House will consider the measures is unclear, a spokesperson for Thompson told The Hill that they may be brought up in June.