A group of bipartisan House lawmakers on Thursday introduced legislation intended to protect critical infrastructure from cyberattacks in the wake of an unsuccessful hack of a Florida water treatment facility.
The Department of Homeland Security (DHS) Industrial Control Systems Enhancement Act, spearheaded by House Homeland Security Committee ranking member John KatkoJohn Michael KatkoBiden challenged by early cyber threatsHouse-passed election bill takes aim at foreign interferenceBiden to meet with bipartisan lawmakers on infrastructureMORE (R-N.Y.), would give more authority to the Cybersecurity and Infrastructure Security Agency (CISA) to protect critical systems against attacks.
The CISA director would be required to maintain the ability to detect and respond to attacks on industrial control systems, and also be able to provide assistance to critical infrastructure groups.
The director would also be required to collect and distribute information on vulnerabilities in systems to owners and operators.
Lawmakers rolled the bill out a month after officials in Oldsmar, Fla., announced that a hacker has unsuccessfully attempted to tamper with systems at the towns water treatment facility to poison the water.
The legislation is also being introduced as CISA continues to grapple with two major cyber espionage incidents likely involving Russian and Chinese hackers that have potentially compromised thousands of U.S. government and private sector troops.
The bills cosponsors include a range of key House cybersecurity leaders, including House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonThe Hill’s 12:30 Report – Presented by ExxonMobil – Increased security on Capitol Hill amid QAnon’s March 4 dateHouse passes voting rights and elections reform billLawmakers line up behind potential cyber breach notification legislationMORE (D-Miss.), Cybersecurity Subcommittee Chairwoman Yvette ClarkeYvette Diane ClarkeLawmakers line up behind potential cyber breach notification legislationDHS announces new measures to boost nation’s cybersecurity Hassan to chair Senate emerging threats subcommitteeMORE (D-N.Y.), Cybersecurity Subcommittee ranking member Andrew Garbarino (R-N.Y.), and Rep. Jim LangevinJames (Jim) R. LangevinHillicon Valley: House approves almost billion in cyber, tech funds as part of relief package | Officials warn of ‘widespread’ exploit of Microsoft vulnerabilities | Facebook files to dismiss antitrust lawsuitsNew research finds ‘record-breaking’ number of K-12 cyber incidents in 2020Biden challenged by early cyber threatsMORE (D-R.I.), chair of the House Armed Services Committees cybersecurity subcommittee.
Other cosponsors are Reps. Don Bacon (R-Neb.), Kat Cammack (R-Fla.), Carlos Gimenez (R-Fla.), and John RutherfordJohn Henry RutherfordMarjorie Taylor Greene’s delay tactics frustrate GOPREAD: The Republicans who voted to challenge election resultsFlorida judge resigns from vote-counting board following report on Trump donationsMORE (R-Fla).
Katko on Thursday emphasized the need to strengthen CISA in the face of evolving threats and as it works to respond to several recent major cyberattacks.
As I have said consistently, we need to continue to build centralized cybersecurity capacity with CISA where possible for the entire critical infrastructure community to voluntarily benefit from, Katko said in a statement. This important piece of legislation will solidify CISAs lead role in protecting our nations critical infrastructure from cyber threats, particularly to our industrial control systems.
The House Homeland Security Committee, alongside the House Oversight and Reform Committee, are currently in the midst of an investigation into what has become known as the SolarWinds hack.
The incident, discovered in December, involved sophisticated Russian hackers successfully compromising at least nine federal agencies and 100 private sector companies for around a year through exploiting software from IT group SolarWinds, among other methods.
Top CISA officials discussed both the SolarWinds hack and recently uncovered vulnerabilities in Microsoft Exchange Servers exploited by Chinese hackers during a House subcommittee hearing earlier this week.
Acting CISA Director Brandon Wales testified that $650 million approved by the House on Wednesday for CISA as part of the COVID-19 relief package would not be enough to fully confront current and future threats.
$650 million … is a down payment. It accelerates some of these efforts, but this is going to require sustained investment, Wales testified to the House Appropriations Homeland Security Subcommittee.