WASHINGTON, D.C. – U.S. Senators Gary Peters (D-MI) and Rob Portman (R-OH), Chairman and Ranking Member of the Homeland Security and Governmental Affairs Committee, are seeking input from the Administration as they work to address the relentless wave of ransomware attacks against our nation’s critical infrastructure. Recent attacks have included dangerous breaches of a major oil pipeline, the New York City transportation system, and meatpacking centers across the nation.
“As highlighted in recent weeks, a single ransomware attack against a vulnerable target can have widespread and devastating impacts for communities across the United States. Criminal actors have infiltrated and held critical infrastructure companies hostage, disrupting essential elements of society ranging from our nation’s fuel distribution networks to food supply chains,” wrote the Senators. “The federal government needs to do more to support partners in the public and private sectors as they work to secure their systems against ransomware attackers and punish the bad actors that perpetrate these crimes to deter future attacks.”
As Chairman and Ranking Member of the Homeland Security and Governmental Affairs Committee, Peters and Portman have led efforts to bolster our nation’s cybersecurity defenses. The Senators recently convened a hearing with the Chief Executive Officer of Colonial Pipeline to examine a recent hack against the company. A provision authored by Peters and Portman to increase our government’s ability to quickly respond to cyber-attacks passed the Senate as part of a larger package to boost American competitiveness on the global stage.
Text of the letter is copied below and available here.
June 10, 2021
Dear Acting Director Young and Mr. Sullivan:
We write to you today with serious concern about the state of our nation’s cybersecurity and the threat of ransomware attacks directed at our critical infrastructure. As highlighted in recent weeks, a single ransomware attack against a vulnerable target can have widespread and devastating impacts for communities across the United States. Criminal actors have infiltrated and held critical infrastructure companies hostage, disrupting essential elements of society ranging from our nation’s fuel distribution networks to food supply chains.
The federal government needs to do more to support partners in the public and private sectors as they work to secure their systems against ransomware attackers and punish the bad actors that perpetrate these crimes to deter future attacks. We must also encourage critical infrastructure companies to assess their own risk and mitigate this threat. Otherwise, our national security, economic security, and the stability of daily life in this country will continue to be in jeopardy.
The only way that we as a nation can fight this persistent and growing threat is through action. As Chair and Ranking Member of the Senate committee with primary jurisdiction over cybersecurity issues, we are considering introducing and marking up legislation that will address the threat of ransomware attacks before the Senate’s August recess this year. We would like to receive the Administration’s input as we draft and develop this legislation. In particular, we would appreciate your assistance in providing the following within 30 days:
- Information on strategies that relevant federal agencies are developing and implementing to combat ransomware attacks;
- Any new authorities, or revisions to existing authorities, that would further empower relevant federal agencies to combat ransomware attacks and respond when they do occur; and
- Suggestions for Congress to consider as we develop legislation and oversight plans to combat ransomware attacks.
We would appreciate you coordinating a response on behalf of the whole Administration including the Department of Justice, the Department of Homeland Security, and the Intelligence Community. We look forward to working with you on this issue in the coming months. Thank you for your attention to this matter.
###