Source: United States Senator for Mississippi Roger Wicker
On May 7, criminal hackers launched a cyberattack on Colonial Pipeline, the largest gas pipeline serving the United States. The company was temporarily forced to shut down its pipeline, disrupting energy supplies running from the Gulf Coast to New Jersey. As a result, fuel shortages affected residents across the Southeastern United States, causing long lines and higher prices at the pump and leaving thousands without gas. The hackers held Colonial’s networks hostage until the company paid nearly $5 million in ransom money so that the flow of gas could resume.
This direct attack on our infrastructure exposed risks to our energy supply. Our nation has about three million miles of pipelines carrying vital resources across the country. These energy products keep our businesses running, our lights on, and our homes warm in the winter and cool in the summer. Similarly, our electric power grid has become essential in providing power to our communities. It is critical that these infrastructure assets be protected against future attacks like the one on May 7.
Congress Responds to Cyber Threat
Recently the Senate Commerce Committee held a hearing with top government officials to assess the Colonial attack and the federal government’s response. As the committee’s lead Republican, I had the opportunity to question David Pekoske, the head of the Transportation Security Administration (TSA), the agency tasked with protecting our transportation infrastructure from cyber risks. I stressed to Mr. Pekoske how important it is that TSA seek input from the private sector in improving security.
After the hearing, I co-authored a letter to the Department of Commerce urging them to grow our cybersecurity workforce. This would build on momentum from two laws I authored last year, which laid the foundation for improving cyber protections and hiring more talent in cyber defense.
U.S. Must Strike Back Against Cyber Attackers
The Colonial hack is just one of the latest cyberattacks against our country. Earlier this year, Chinese hackers broke into Microsoft email systems used by many American companies, allowing these criminals access to sensitive emails and U.S. intellectual property. In May, Russian-linked hackers targeted JBS, the world’s largest meat producer, forcing factory shutdowns across the United States that restricted our beef supply. Last year, Russia conducted an extended hack against the U.S. government and private companies, which went unnoticed for months. And between 2011 and 2013, Chinese hackers targeted 23 U.S. natural gas pipeline operators. This uptick in malicious attacks cannot go unchallenged.
President Biden responded to the Russian hack in April by imposing new sanctions on Russia. By contrast, the Administration merely condemned China for its hacking campaigns, yet stopped short of taking punitive measures against Beijing to deter future hacks. I believe the President should impose sanctions on China just as he did with Russia. Hackers will not stop their behavior until they begin to feel painful consequences.
The President should also make cyber defense a top priority for the military. Although our Armed Forces are unmatched in war capabilities, our generals have repeatedly warned we are behind when it comes to cyber defense. Given this need, the President should devote more resources to U.S. Cyber Command to make up for lost ground. This will be made easier when Congress passes the annual defense reauthorization bill, which I recently helped pass out of the Armed Services Committee. This bill will authorize new investments in cyber security to protect our nation from debilitating hacks in the future. We cannot afford to remain vulnerable to lawless hackers who wish to do us harm.