Senators Cite Colonial Pipeline Hack in Calling for Cyber Response and Recovery Fund

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

The cyberattack that has shut down a major supply line for energy to much of the East Coast is the kind of event that would have triggered a release of funding outlined in legislation to help the government respond to such incidents, key senators said in a hearing Wednesday.

“I know we’re here today to focus on federal cybersecurity. But I think it’s important to discuss the attack that we have just recently seen on Colonial Pipeline, one of the largest attacks on critical infrastructure in our history,” Sen. Gary Peters, D-Mich., said. “Last month, Ranking Member, [Rob] Portman [R-Ohio] and I introduced the Cyber Response and Recovery Act which would give the Secretary of Homeland Security the authority to declare a significant incident and use [the] Cyber Response and Recovery Fund after events like this.”

Peters, chairman of the Senate Homeland Security and Government Affairs Committee, was leading a hearing on the federal government’s efforts to improve its cybersecurity following the SolarWinds hack, which was part of a campaign that compromised scores of organizations, including nine federal agencies.

The chair and ranking member touted their legislation while drawing attention to what they said were lapses in both public and private entities’ communications with the government.

The Cyber Response and Recovery Fund that the legislation creates would keep $20 million available for DHS’ Cybersecurity and Infrastructure Security Agency to reimburse other departments they need to call in to help respond to cyberattacks and to get information out to related entities to mitigate the impact of such events.

But in Colonial’s case, Brandon Wales, CISA’s acting director, told Portman that the company did not contact CISA after they were targeted by ransomware criminals. CISA was engaged only after the FBI brought them in and still does not possess the technical details that would help them to advise other critical infrastructure entities, Wales said.

Wales said this is understandable since it’s still early in the response, and that CISA has a good relationship with Colonial, but Portman did not accept that argument.  

“It seems to me we also have to worry about these…