The House approved legislation on July 27 that seeks to address the issue of increasing cyber threats to U.S. energy infrastructure by providing grants to university students specializing in cybersecurity.
H.R. 7569, also called the “Energy Cybersecurity University Leadership Act of 2022,” was passed with a package of other measures in a 336–90 vote.
Energy Secretary Jennifer Granholm will be tasked with providing traineeship and research experiences to students and researchers at utilities and national labs owned by the Department of Energy.
“Our constituents rely on dependable energy sources for their lives and their livelihoods, and we cannot afford continued exposure to these types of attacks.”
Ross and Rep. Mike Carey (R-Ohio) co-sponsored the legislation in the House.
It states that integrating cybersecurity considerations into the research, design, and development of energy infrastructure will be a cost-effective way to secure U.S. electric grids, oil and gas pipelines, and other generation, transmission, and distribution systems.
Defending Against Ransomware, Other AttacksThe legislation was inspired by a spate of attacks on U.S. energy infrastructure over the past year, including the ransomware attack on the Colonial Pipeline in May 2021, an attempt to poison a water treatment plant in Florida in February 2021, and a cyberattack against the Port of Houston in August 2021.
The Colonial Pipeline ransomware attack forced the company to shell out 75 bitcoins, worth about $4.4 million, to the hackers in a bid to get the pipeline system back online.
The legislation also comes as federal agencies are asking companies operating in critical industries to boost their cyber defenses because of the threat of Russian cyberattacks.
Another measure included in the legislation package approved on July 27 was the RANSOMWARE Act, an acronym for “Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies."
The RANSOMWARE Act asks the U.S. Federal Trade Commission to provide a biennial report on ransomware and other cyberattacks from foreign groups or governments against U.S. targets, with a specific focus on Russia, China, North Korea, and Iran.