Russian Cyberthreats Create Alarms at Senate Homeland Security Hearing
WASHINGTON — Lawmakers at a Senate hearing renewed warnings Wednesday that Russian cyberattacks remain a serious threat as the United States and allies continue their support for Ukraine.
In the latest move, the European Union announced Tuesday it would end all oil imports from Russia in a bid to undercut its economy and ability to wage war. U.S. oil is likely to replace some of the Russian imports.
Russia’s likely response will be “persistent cyberattacks that disrupt the lives and livelihoods” of Americans, said Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee.
“We must be prepared for the Russian government and their allies to continue these efforts,” Peters said.
He predicted more cyberattacks like the 2020 SolarWinds and 2021 Colonial Pipeline incidents without adequate defense mechanisms.
SolarWinds refers to a cyberattack suspected to be linked to the Russian government that penetrated thousands of organizations globally, including the confidential data of U.S. government agencies. The Colonial Pipeline ransomware attack shut down for five days the main pipeline for carrying refined oil products from Texas to the East Coast.
The Homeland Security and Governmental Affairs Committee called the hearing to review the annual budget of the Department of Homeland Security.
The senators reviewed the agency’s performance on illegal immigration, monitoring domestic terrorists, cybersecurity and stopping disinformation that could cause civil disruption.
In addition to expressing outrage over a surge of illegal immigration in recent years, the senators appeared to be steadfast in U.S. support of Ukraine, regardless of any Russian threats.
Sen. Rob Portman, R-Ohio, referred to the war that started in February as “the unjust invasion by Russia.”
Lawmakers’ displeasure with the Russian cyberthreats was demonstrated last month when the Biden administration announced its proposed fiscal 2023 federal budget. It prioritizes cybersecurity with an 11%, or $10.9 billion, funding increase to secure the government’s computer systems.
Other cybersecurity funding is listed separately for a variety of agencies, including a $197 million increase “to protect and defend sensitive agency systems and information” at the Department of the Treasury.
The government’s financial largesse surprised even Alejandro Mayorkas, the U.S. secretary of Homeland Security. He was the only witness at the Senate hearing Wednesday.
“We were unaware that Congress would so amply fund CISA,” Mayorkas said. CISA is the Cybersecurity and Infrastructure Security Agency, which the federal government organized in 2018 to oversee U.S. cybersecurity.
Unlike other agencies that try to get by with limited resources, CISA is growing at a rate that creates a challenge to expand its operations effectively, Mayorkas said.
“It’s a matter of timing,” he said.
Until now, a big part of CISA’s effort has focused on extending grants to agencies that control state and local computer infrastructure. The expanded budget is allowing the Homeland Security Department to use other grants to identify what Mayorkas called “target rich” infrastructure for additional protection.
The new grant program won recognition from Sen. Maggie Hassan, D-N.H., who said, “It’s extremely important that we protect the critical infrastructure of our country too.”
Tom can be reached at [email protected] and @TomRamstack