Capito hears cybersecurity concerns
CHARLESTON — While members of the U.S. Senate spent Wednesday working out the final details of the $1.2 trillion bipartisan infrastructure framework, Sen. Shelley Moore Capito listened to concerns about securing water, electric and transportation infrastructure from cyberattack.
The Senate Committee on Environment and Public Works held a hearing Wednesday at the behest of Capito, the ranking Republican member of the committee, on addressing cybersecurity vulnerabilities to U.S. physical infrastructure.
Capito, R-W.Va., said she hopes the results of Wednesday’s hearing will help industry and government to partner together to better protect infrastructure for cyberattacks, hacking and ransomware demands.
“This committee has a leading role in ensuring the safety and security of our nation’s core infrastructure system, and we’re committed to being a strong federal partner in tackling the most challenging issues that cyber-threats present,” Capito said. “We must work together, and I think we will, on this issue to find solutions that will safeguard the whole of our core infrastructure.”
Cybersecurity for infrastructure came into the public consciousness in May when hackers based in Russia took over the Colonial Pipeline system, cutting off the flow of gasoline to parts of the East Coast for more than six days in a ransomware attack. The company was forced to pay the hackers more than $4 million in cryptocurrency to restore service.
The Colonial Pipeline hack was one of several cyberattacks documented by the Center for Strategic and International Studies, with more than 10 cases of specific cyberattacks against infrastructure across the globe in 2021 alone.
In a recent example from June, CSIS claims that Chinese hackers targeted multiple agencies and companies, including Verizon and the Metropolitan Water District of Southern California, to gain remote access to their systems. In July, the U.S. Cybersecurity and Infrastructure Security Agency issued warnings about Chinese cyberattacks. That follows a similar warning from the White House over the weekend.
“The United States has long been concerned about the People’s Republic of China’s irresponsible and destabilizing behavior in cyberspace,” said a statement from the White House. “The PRC’s unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts.”
Committee members heard testimony from officials with public works departments, water and sewer agencies, and transportation management companies. Committee members also heard from Sen. Angus King, D-Maine, and Rep. Mike Gallagher, R-Wis., who both co-chair the Cyberspace Solarium Commission
The commission, established in 2019, issued a report last year on creating a strategic plan to address cyber attacks. The report calls for creation of a national cyber director, creating financial penalties for perpetrators of cyber attacks as a disincentive and creating a more coherent cybersecurity plan across all of government and increased resiliency of infrastructure to weather cyber attacks and safeguarding supply chains.
The committee passed two bills over the last few months dealing with physical infrastructure, the Drinking Water and Wastewater Infrastructure Act and the Surface Transportation Reauthorization Act. Both bills include funding that can be used for infrastructure cybersecurity.
“I’m darn proud of our work, but there is more work to be done,” Capito said. “Hacking of these systems can harm our economy and pose threats to human life, property, and the environment. Providing the tools to our government agencies and industry partners and stakeholders, responsible for protecting our critical infrastructure from cyber attacks is essential.”