by Natalia Castro
In the last year, both chambers of Congress have been working hard to improve our nation’s cyber security and cyber infrastructure. Last week, the Senate passed landmark legislation that will modernize U.S. cyber technology to combat growing threats around the world.
On Oct. 4, 2018, the Senate passed the Cyber security and Infrastructure Security Agency Act of 2018 which passed the House in December 2017 when it was introduced by Texas Republican Rep. Michael McCaul. In the Senate it passed by unanimous consent and in the House by voice vote due to its widespread support.
The Act reorganizes the Department of Homeland Security’s (DHS) main cyber security unit, the National Protection and Programs Directorate, to the Cyber security and Infrastructure Protection Agency. Under the law, this group will now function more like FEMA or the Secret Service instead of a small internal DHS office.
Department of Homeland Security Secretary Kirstjen Nielsen noted in an interview with the Washington Post, “We are responsible for federal efforts when it comes to both protecting critical infrastructure, working with the owner-operators in private sector, and protecting all those civilian dot govs. To do that, we have to have both a name that indicates that is what we do, and we have to be able to streamline the organization so that we can become more operational.”
Other top DHS officials have praised the bill for allowing the agency to better communicate their mission to private sector groups and recruit strong talent.
Perhaps most importantly, Rep. McCaul, who serves as Chairman of the Cyber security and Infrastructure subcommittee, has said that this legislation will allow the DHS to work quickly combat new cyber threats coming from country’s intent of exploiting the holes in current US cyber security.
An August 2016 study from the Idaho National Laboratory commissioned by the federal government found, “In the coming years, cyber threats to utilities are likely to grow in number and sophistication… Attacks are becoming increasingly more targeted and sophisticated, with trusted communications networks, remote access, mobile devices, vendors, and supply chains are the most likely routes of ingress… Threat actors on multiple fronts continue to seek to exploit cyber vulnerabilities in the U.S. electrical grid. Nation-states like Russia, China, and Iran and non-state actors, including foreign terrorist and hacktivist groups, pose varying threats to the power grid. A determined, well-funded, capable threat actor with the appropriate attack vector can succeed to varying levels depending on what defenses are in place.”
Despite this, two years later in May 2018, a White House Office of Management and Budget report found that after conducting cyber security risk management assessments at 96 agencies, 71 agencies or 74 percent, were at risk or high risk for a cyber attack.
While the U.S. lags behind, countries like China are putting cyber security on the top of their agenda.
China has already been linked to cyber attacks against Malaysia and Taiwan. Even the U.S. has experienced China’s cyber-aggression in some form.
In 2001, China responded to a plane collision by defacing thousands of U.S. websites, including the White House site. In 2015, China was accused of hacking the Office of Personnel Management, stealing 21.5 million records. In the last year, the Chinese government has expanded efforts to fund and implement cyber security measures that could be a threat to the entire global community.
As China rivals the U.S. as a global hegemon, it is essential we improve our cyber security and cyber infrastructure to prevent further, more dangerous attacks.
Additionally, the U.S. State Departments 2016 Country Reports on Terrorism concluded, “The Iranian government maintains a robust cyber terrorism program and has sponsored cyber attacks against foreign government and private sector entities.”
The threat of cyber terrorism will only continue growing as groups work to use our technology against us.
The U.S. cannot remain a step behind in our cyber security and infrastructure. The creation of the cyber security and Infrastructure Protection Agency takes a critical step in putting the U.S. back on track to protect its citizens and our technology in the modern world. While many things are dividing today’s Congress we should all be pleased that both sides came together to put safety and security first.
– – –
Natalia Castro is the multimedia manager at Americans for Limited Government.