Cybersecurity bills gain new urgency after rash of attacks | #government | #hacking | #cyberattack


Bipartisan bills aimed at strengthening U.S. cybersecurity after a string of major attacks are making headway in both the House and Senate.

The rare cooperation between Democrats and Republicans is a sharp contrast to the partisan divisions over other measures like voting rights legislation and major infrastructure components.

“Unlike some of the other things I’m working on, huge, huge progress,” Senate Intelligence Committee Chairman Mark WarnerMark Robert WarnerDemocrats confident their plans are coming together What we know so far about the .5 trillion budget deal Democratic senator: Reconciliation package to include clean electricity standard MORE (D-Va.) said of a cybersecurity proposal he is spearheading.

“We are very close to having almost every member of the committee on it,” Warner told The Hill on Tuesday. “It has been purely waiting for the members to get back [to Washington]. I’ve got to have a couple of member-to-member discussions, but the notion that we need some level of mandatory incident reporting, the fact that many business groups have coalesced behind this, I think it’s all great news.”

The draft bill, backed by Sens. Marco RubioMarco Antonio RubioMichigan GOP executive director quits under pressure from Trump allies The Hill’s Morning Report – Presented by Goldman Sachs – Biden backs Cuban protesters, assails ‘authoritarian regime’ Protests escalate US-Cuba tensions MORE (R-Fla.) and Susan CollinsSusan Margaret CollinsMurkowski: Trump has ‘threatened to do a lot’ to those who stand up to him Trump Jr. calls on Manchin, Tester to oppose Biden’s ATF nominee House Republican says colleagues’ ‘job’ is to slow Democratic priorities MORE (R-Maine) on the Intelligence Committee, would require federal agencies, federal contractors and owners and operators of critical infrastructure to report cybersecurity incidents within 24 hours to the Cybersecurity and Infrastructure Security Agency.

The legislation, in circulation since last month, would grant liability protections to groups that report breaches, going beyond the existing voluntary standards for reporting that have often hindered the government’s response in recent years.

“These voluntary approaches that have been pushed for so long have, in my view, so clearly contributed to some of the problems we have now,” said Sen. Ron WydenRonald (Ron) Lee WydenEquilibrium/ Sustainability — Senate Democrats want a new weed deal Senate Democrats unveil bill to decriminalize marijuana Democrats seek investigation into wealthy Americans’ tax-avoidance strategies MORE (D-Ore.).

“So we’ve got questions, we are working through them,” he added.

Senate Intelligence Committee member Sen. Roy BluntRoy Dean BluntTrump unhappy with Guilfoyle backing Greitens: report Giuliani to stump for Greitens in Missouri Lobbying world MORE (R-Mo.) told The Hill on Wednesday that he would also be cosponsoring the bill, while Sen. John CornynJohn CornynA plan to address the growing orphaned wells crisis The Hill’s Morning Report – Presented by Goldman Sachs – Biden backs Cuban protesters, assails ‘authoritarian regime’ Texas Republicans rip Democratic walkout: ‘It’s not very Texan’ MORE (R-Texas) indicated he might follow suit.

“I very much support the policy, and we are trying to work through some of the details,” Cornyn told reporters Wednesday.

Timing on introduction for the bill is still unclear, but lawmakers are pushing for swift action.

“I hope we can get it introduced as soon as possible,” Rubio said on Tuesday. “It seems not a week goes by that we don’t see a ransomware attack, each apparently more impactful and more devastating than the one before.” 

The progress on cybersecurity legislation comes after months of escalating attacks that have threatened national security and heightened tensions between the U.S. and Russia. 

The SolarWinds hack, discovered in December, allowed Russian government-linked hackers to compromise nine federal agencies and around 100 private sector groups for most of 2020. Ransomware attacks have been on the rise as well, with attacks on Colonial Pipeline, the source of 45 percent of the East Coast’s fuel, and on meat producer JBS USA in May wreaking havoc on critical supply chains. 

A ransomware attack on software company Kaseya earlier this month only served to further inflame concerns, with up to 1,500 companies potentially impacted, and the hack linked to the same Russian-based cyber criminals responsible for the attack on JBS USA.

“It’s a real crisis that we’re facing,” said Sen. Angus KingAngus KingNumber of nonwhite Democratic Senate staffers ticks up from 2020 Key centrist Tester will vote to proceed to .5T budget deal Democrats reach deal on .5T price tag for infrastructure bill MORE (I-Maine), a member of the Senate Intelligence Committee. “I think this is a moment now where everyone understands the gravity of the problem, and we are addressing it.”

The recent strides on cyber-related bills come amid movement on diverging infrastructure — one bipartisan, the other Democratic-only — and a stalemate over sweeping voting rights legislation.

“I just would love an extra 15 minutes today to spend on that as opposed to bipartisan infrastructure or reconciliation,” Warner said of his cybersecurity legislation. 

The Senate Homeland Security and Governmental Affairs Committee is also getting in on the action with work on a bipartisan bill meant to tackle ransomware attacks. Chairman Gary PetersGary PetersTop House Democrat presses Senate to take up watchdog bill Hillicon Valley: World disgusted by racist abuse toward players | Senate unanimously approves Jen Easterly to lead DHS cyber agency | WhatsApp privacy update sparks complaint from EU consumer groups Senate unanimously approves Jen Easterly to lead DHS cyber agency MORE (D-Mich.) told The Hill this week that his committee hopes “to have it ready in the next week or two, and hopefully mark it up shortly thereafter.” 

Cornyn noted that negotiations were ongoing between the Senate Intelligence and Homeland Security panels over their two bills, and that “minor differences” were getting resolved.

The Senate is not alone in moving forward with cyber legislation.

The House Homeland Security Committee approved a slate of bills in May aimed at securing critical infrastructure against hackers, including the Pipeline Security Act to shore up the security of companies like Colonial Pipeline.

The committee also approved the State and Local Cybersecurity Act, a major bipartisan proposal that would provide $500 million annually for five years to state and local governments to address increasing cyber threats.

A congressional source told The Hill on Wednesday that some of the committee bills were likely to get a vote on the House floor next week. Additionally, both the House Energy and Commerce and the Senate Judiciary committees are set to hold hearings on ransomware attacks before the end of the month. 

Rep. Jim LangevinJames (Jim) R. LangevinSenate unanimously approves Jen Easterly to lead DHS cyber agency Hackers zero in on Tokyo Olympics House lawmakers propose major budget increase for key cyber agency MORE (D-R.I.), one of the sponsors of the Pipeline Security Act and chairman of the House Armed Services Committee’s cybersecurity subcommittee, stressed Wednesday that it was past time to approve cyber legislation. 

“The bipartisan urgency to act on cybersecurity reflects the magnitude of threats facing our country,” Langevin said in a statement provided to The Hill. “After leading on this issue for more than a decade, I’m glad to see the progress we’ve made, but we still have much further to go.” 

While both the House and Senate have busy legislative calendars heading into the August recess, lawmakers emphasized that making progress on legislation to secure the nation against cyberattacks was critical.

“Cyberattacks are not going away, they are getting worse,” Cornyn said. “I think we are all feeling a sense of urgency.”





Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

4 + three =