The US House of representatives recently passed a bill to help address cyber security of critical infrastructure. The bill was previously passed by the House Homeland Security Committee earlier in June and comes on the heels of numerous reports that the nation-state threat actors (Russia and North Korea) were actively attempting to penetrate US critical infrastructure networks.
The bill was introduced by Representative Don Bacon (R-Neb.) after it was reported by cybersecurity researchers with Dragos, that hackers linked to the Russian government had attacked, and in some cases successfully breached, industrial control and supervisory control and data acquisition (SCADA) systems.
Industrial control and SCADA systems provide the structure and management required to operate and maintain the country’s critical infrastructure at scale. As Bacon notes, any “disruptions or damage to these systems have the potential to cause catastrophic and cascading consequences to our nation’s national security, economic security and our public health and safety.”
If a companion bill could get through the Senate, the law would amend the Homeland Security Act of 2002, instructing Homeland Security take the lead and continually monitor and coordinate with critical sectors on identifying and managing cybersecurity incidents. Homeland Security would also be authorized to help critical sectors and manufacturers mitigate any existing vulnerabilities. It would also allow Homeland Security to disclose known vulnerabilities to the private sector.