facebook linkedin twitter

Energy Department Requests $201 Million to Bolster Cyber Defense

June 28, 2021 by Reece Nations
Energy Secretary Jennifer Granholm speaks during a press briefing at the White House, Tuesday, May 11, 2021, in Washington. (AP Photo/Evan Vucci)

WASHINGTON – Secretary of Energy Jennifer Granholm requested $201 million in additional funds to fortify her department’s cybersecurity defenses in testimony before the Senate Armed Services Committee on Thursday.

Granholm’s request came in response to a ransomware attack on an American oil pipeline system in May that disrupted fuel distribution throughout the Southeastern United States. Hackers undermined the system’s computerized managing equipment, eventually causing the Federal Motor Carrier Safety Administration to issue an emergency declaration for 17 states and Washington, D.C.

The Colonial Pipeline hack was the largest cyberattack on an oil infrastructure target in U.S. history, causing fuel shortages amid panic buying in the following days. Following a six-day shutdown, the pipeline’s operations resumed after the company paid a $4.4 million ransom to the hackers, most of which was eventually recovered by the Department of Justice.

“As you all are aware, a ransomware attack happened on May 7 that led to the shutdown of the Colonial Pipeline Company’s largest fuel pipeline on the East Coast,” Granholm said in written testimony submitted to the committee. “The White House asked the Department of Energy to coordinate a whole-of-government effort to ensure that the company had the resources necessary to resume operations as quickly and safely as possible, while moving fuel supplies to impacted areas by other means. This incident was a stark reminder of the imperative to harden the nation’s critical infrastructure against these serious and growing cyber threats.”

The funds, if granted, would be used to shore up vulnerabilities in the department’s digital systems. The department would utilize the funds to secure its software supply chain, speed up its transition to a zero-trust security model and secure cloud services, and bolster its cybersecurity threat hunting and response in both information technology and operational technology.

The budget request matches a growing trend among federal agencies following a slew of hacks nationwide that compromised servers belonging to the Treasury and Commerce departments last year. The perpetrating hacker group, known as DarkSide, is believed by the FBI to have attacked U.S. oil and gas infrastructure on four occasions between Dec. 2020 and May 2021.

In May, President Joe Biden issued an executive order aimed at improving the nation’s cybersecurity by removing barriers to sharing threat information among service providers, modernizing federal cybersecurity practices, and standardizing federal response to cybersecurity vulnerabilities and incidents, among other measures.

“In the current threat environment, the department cannot afford to neglect its cybersecurity capabilities, which serve as frontline assets that protect the information, systems, and networks necessary to execute its mission,” Granholm said in a written statement. “Information Technology and Cybersecurity enable every element of [the Department of Energy and the National Nuclear Security Administration’s] missions. To meet future requirements, the department must modernize its outdated and legacy technology.”

Cybersecurity

October 22, 2021
by Reece Nations
Commerce Department Tightens Export Controls on Cybersecurity Items

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls... Read More

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls over cybersecurity items such as cyber intrusion software that can be used maliciously. The department’s new policy also creates a new license exception for authorized cybersecurity... Read More

October 14, 2021
by Victoria Turner
Cybersecurity Experts Point to More Investment Needed in Detection, Response

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing... Read More

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing emails, more than 85% of cyberattacks would be prevented, said Sen. Angus King, I-Maine, Thursday.  “The best hack is the one that doesn’t happen,” King said... Read More

October 5, 2021
by Victoria Turner
Cybersecurity Minimum Standards Needed to Keep North America Secure

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based... Read More

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based approach to cybersecurity that includes a minimum set of standards, said three experts yesterday. As much as the pandemic has accelerated the rate in which governments... Read More

September 29, 2021
by Victoria Turner
Aspen Cyber Summit Explores Collective Defense in a Digital World

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,”... Read More

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,” but there is “still a lot of work to do,” said CISA Director Jen Easterly Wednesday.  Kicking off the 6th annual Aspen Cyber Summit, Exploring Collective... Read More

September 22, 2021
by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S.... Read More

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council.  It “sits at the heart of zero... Read More

September 1, 2021
by Tom Ramstack
Executives Advocate for Legislation to Unite Government and Private Cybersecurity

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront... Read More

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront the kinds of cyberattacks that have wreaked havoc on U.S. computer networks in recent years. He testified to a House Homeland Security subcommittee as it considers... Read More

News From The Well
scroll top