Federal push to identify, protect critical groups from hackers gains momentum


Efforts in the federal government and Congress to identify and further protect groups critical to national security from cyber threats are gaining ground amid recent destructive ransomware attacks, officials say.

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said Friday that her agency has kicked off an effort to identify “primary systemically important entities” to be protected from threats, often those critical to national continuity. 

“We are prototyping a variety of different approaches in our National Risk Management Center … to try and start identifying those entities that are in fact systemically important, and we are doing it based on economic centrality, network centrality, and logical dominance in the national critical functions,” Easterly said during a virtual event hosted by the Center for Strategic and International Studies (CSIS). 


CISA’s efforts to identify organizations to further protect come as the nation continues to face a wave of ransomware attacks that have, at times, destabilized key supply chains. These have included the ransomware attack in May on Colonial Pipeline, which led to gas shortages in multiple states for over a week. 

“Ransomware, truly a scourge that is affecting all of our lives every day,” Easterly said Friday.

The new program at CISA is being explored as momentum builds on Capitol Hill to take action to guard against such attacks.

House Homeland Security Committee ranking member John Katko (R-N.Y.) and Rep. Abigail Spanberger (D-Va.) earlier this month introduced the Securing Systemically Important Critical Infrastructure Act. The bill would authorize CISA to set up a program to identify critical groups to protect, similar to what the agency is now undertaking.

Easterly stressed Friday that while the legislation is similar, she still supported the need to sign it into law. 

“I think that signaling, that ending up in law, will be very helpful in continuing to bring the private sector to the table, because I think we are in a state now where our critical infrastructure is much more vulnerable than it should be, and frankly that’s what I worry about most every day,” Easterly said. 

Katko, speaking at the same event Friday, teased the potential for his legislation to be included in the annual National Defense Authorization Act, particularly as he is set to sit on this year’s conference committee on the defense package. 

“NDAA has become a very potent vehicle to get legislation passed that sometimes may struggle to get going on its own,” Katko said. “We are hopeful if and when it goes to conference, I’m going to be on that conference committee to make sure those bills stay in there, so yes it absolutely has become a potent ground for doing that.”

Efforts around identifying which organizations are critical have become increasingly important as Congress also considers various forms of legislation to mandate critical groups to report cyber incidents to the federal government.

In part, this is to address threats coming from countries including Russia and China, with multiple major cyberattacks over the past year linked to cyber criminals based in Russia. 


President Biden addressed this issue with Russian President Vladimir Putin earlier this year during their in-person summit in Geneva, handing the Russian leader a list of 16 entities that were off limits to attack.

While Biden has taken a series of other actions against Russia for cyber activities, including levying sanctions on the country in April in retaliation for the SolarWinds hack, both Easterly and Katko advocated Friday for going further, particularly as Russian cyberattacks continue.

“It has to be all instruments of national power, and we have to be able to stand behind, when we say we are going to impose costs, when we say we are going to hold actors accountable, we have to be able to have tools that can effectively do that,” Easterly said. 

Katko advocated for more sanctions in response to malicious cyber activity.

“I think that we need to do more than we’re doing at a minimum,” Katko said. “We can’t have China acting with impunity attacking our systems, and malign actors within Russia acting under the perimeter of Putin to be going unchecked, and they largely have.”

“I think that we need to not do something that is going to start World War Three, but we need to do something to make them feel the pain,” he said.