Federal pressure to identify and protect critical groups from hackers grows
Federal and Congressional efforts to identify and further protect national security groups from cyber threats are gaining traction amid recent destructive ransomware attacks, officials said.
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said on Friday her agency had launched an effort to identify “primary systemically important entities” to protect against threats, often those that are critical to security. national continuity.
âWe are prototyping a variety of different approaches in our national risk management centerâ¦ functions,â Easterly said at a virtual event hosted by the Center for Strategic and International Studies (CSIS).
CISA’s efforts to identify organizations for further protection come as the country continues to face a wave of ransomware attacks that have at times destabilized key supply chains. These include the May ransomware attack on Colonial Pipeline, which resulted in gas shortages in several states for more than a week.
âRansomware, really a bane that affects all of our lives every day,â Easterly said on Friday.
CISA’s new agenda is explored as momentum builds on Capitol Hill to take action to guard against such attacks.
Ranking member of the House Internal Security Committee John katkoJohn Michael Katko Now is the time to take stock of our cyber defenses New hacking efforts show Russia is not deterred by US actions The 9 Republicans who voted for Bannon to despise Congress MORE (RN.Y.) and Rep. Abigail SpanbergerAbigail Davis Spanberger Now is the time to take stock of our cyber defenses. Anti-Trump Republicans are targeting McCarthy, Scalise and other leading conservatives. (D-Go.) earlier this month presented the Act Respecting the Security of Critical Systemically Important Infrastructures. The bill would authorize the CISA to put in place a program to identify critical groups for protection, similar to what the agency is currently undertaking.
Easterly pointed out on Friday that while the legislation is similar, it still supports the need to enact it.
“I think this flag, which will end up in the law, will be very helpful in continuing to bring the private sector to the table, because I think we are now in a state where our critical infrastructure is much more vulnerable than it is.” should be, and frankly that’s what I worry about the most every day, âsaid Easterly.
Katko, speaking at the same event on Friday, raised the possibility of his legislation being included in the annual National Defense Authorization Act, especially since he is expected to sit on the committee for this year’s conference. on the defense package.
“The NDAA has become a very powerful vehicle for pushing through legislation that can sometimes be difficult to put in place on its own,” Katko said. “We hope that if and when he goes to the conference, I will be a member of this conference committee to make sure these bills stay there, so yes, it has absolutely become a powerful ground for doing it.”
Efforts to identify critical organizations have become increasingly important as Congress is also considering various forms of legislation to require critical groups to report cyber incidents to the federal government.
Part of this is about dealing with threats from countries like Russia and China, with several major cyber attacks over the past year linked to Russian-based cybercriminals.
President BidenJoe Biden Former Lawmakers Sign Brief Against Trump’s Executive Privilege Claims in Jan.6 Inquiry Biden Appoints Sara Minkara as U.S. Special Advisor on International Disability Rights Fox Poll Shows Youngkin Leads McAuliffe 8 points among likely voters PLUS discussed this issue with the Russian President Vladimir PoutineVladimir Vladimirovich Putin India rejects calls for a net zero carbon emissions target. earlier this year at their in-person summit in Geneva, handing the Russian leader a list of 16 entities banned from attack.
While Biden took a series of other steps against Russia for cyber activity, including imposing sanctions on the country in April in retaliation for the SolarWinds hack, Easterly and Katko pleaded on Friday to go further, especially as that Russian cyber attacks continue.
“It must be all the instruments of national power, and we must be able to be behind, when we say that we are going to impose costs, when we say that we are going to hold the actors to account, we must be able to have tools that can actually do it, âEasterly said.
Katko called for more sanctions in response to malicious cyber activity.
âI think we need to do more than we are doing at the minimum,â Katko said. “We cannot allow China to act with impunity attacking our systems, and malicious actors in Russia operating under Putin’s perimeter are unchecked, and they largely have.”
âI think we shouldn’t do something that is going to start World War III, but we have to do something to make them feel pain,â he said.