A federal government left 'completely blind' on cyberattacks looks to force reporting

www.politico.com
A bipartisan group of lawmakers wants to make sure the government is never left in the dark about serious hacks again.
That information gap leaves the rest of the country in the dark about how frequently such attacks occur and how they're perpetrated. It also leaves federal authorities without crucial information that could help protect other companies from similar attacks.

A gasoline station that ran out of gas for sale displays an out of service sign on the pump on Tuesday, May 11, 2021, in Atlanta. (AP Photo/Ben Margot)

Without reporting from companies, "the United States government is completely blind to what is happening," Brandon Wales, the acting director of DHS' Cybersecurity and Infrastructure Security Agency, told reporters on Thursday. "That just weakens our overall cyber posture across our entire country." Wales said the solution was for Congress to require companies to report cyber incidents.

Lawmakers of both parties told POLITICO they are crafting legislation to mandate cyberattack reporting by critical infrastructure operators such as Colonial, along with major IT service providers and any other companies that do business with the government.

The planned legislation predates the pipeline attack — lawmakers began drafting it soon after learning about last year's massive SolarWinds espionage campaign, in which suspected Russian hackers infiltrated nine federal agencies and roughly 100 companies. But the Colonial strike has added urgency to the effort. The group expects to introduce the legislation within weeks, a Senate aide said.

"You couldn't have a better reason" for such a mandate than seeing the economic impact of Colonial and SolarWinds, said Senate Intelligence Chair Mark Warner (D-Va.), one of the leaders of the legislation along with Republican Sen. Marco Rubio of Florida.

Warner said the intent is to provide a "public-private forum where, with appropriate immunity and confidentiality, you can — mid-incident — report, so we can make sure that it doesn't spread worse."

Establishing a reporting mandate for companies like Colonial…
Eric Geller, Martin Matishak