November 28, 2022

U.S. Secretary of Energy Jennifer Granholm speaks during a press conference at the White House in Washington Jan.

Kevin Lamarque | Reuters

WASHINGTON – The Department of Energy is asking Congress for $201 million in its 2022 budget proposal to address digital vulnerabilities after a steady surge in widespread cyberattacks.

The $201 million request, up from $157 million in 2021, will help strengthen the federal agency’s cybersecurity efforts and fill any “gaps” in the supply chain and technical infrastructure.

Energy Secretary Jennifer Granholm told the Senate Armed Forces Committee Thursday that the department also needed the funds to update software, hire more cybersecurity professionals, and develop new cyber policies and standards.

“As we’ve seen, the Colonial Pipeline incident made it clear that the fact that we don’t have cyber standards for pipelines, as we do in the electricity sector, indicates a major loophole,” Granholm said, referring to the widespread ransomware attack on the largest gasoline pipeline.

“I want to say that there are obviously gaps, not so much in our ability to respond internally, but in our ability to see what is happening in the private sector,” she said, adding that the Biden government was reviewing methods by which the private sector could work better with the government after cyberattacks.

“What is unacceptable is the status quo,” said Granholm, adding that one option might be to “give the government some insight into the system as the public relies on its system”.

The Biden administration is asking Congress for $9.8 billion for federal civilian cybersecurity in 2022, nearly 15% more than in 2021. The Pentagon is requesting $10.4 billion for cybersecurity in its 2022 budget proposal.

The increased investment in cybersecurity follows a steady drumbeat of ransomware attacks that have directly impacted Americans and hampered US logistics and services.

In April, Washington officially blamed the Russian foreign intelligence service for carrying out the SolarWinds cyberattack. Microsoft President Brad Smith described the attack as “the biggest and most sophisticated attack the world has ever seen”. Microsoft’s systems were also infected with malware.

The Russian government denies all allegations that it is behind the SolarWinds hack.

Last month, a hacking group called DarkSide with suspected links to Russian criminals launched a ransomware attack on the Colonial Pipeline, forcing the US company to shut down approximately 5,500 miles of the pipeline. It cut fuel supplies to the east coast by nearly half, causing fuel shortages in the southeast and disruption to airlines.

Following the DarkSide attack, President Joe Biden told reporters, “So far there is no evidence from our intelligence officials that Russia is involved, although there is evidence that the actor’s ransomware is in Russia, they have a certain responsibility to deal with it.” He added that he would discuss the situation with Russian President Vladimir Putin during their first face-to-face meeting in Geneva.

Ransomware attacks involve malware that encrypts files on a device or network, causing the system to become inoperable. Criminals behind such cyberattacks usually demand a ransom in exchange for the release of data.

Earlier this month, Colonial Pipeline’s CEO told a Senate committee that the company had paid the $5 million ransom to the cybercriminals.

“I made the decision that Colonial Pipeline would pay the ransom so that we had every tool available to get the pipeline up and running quickly,” Joseph Blount Jr. told members of the Senate Homeland Security and Government Affairs Committee on June 8. “It was one of the toughest decisions I had to make in my life,” he said.

The day before Blount’s testimony, US law enforcement officials announced they had recovered $2.3 million worth of bitcoins from the hacking group.

The FBI previously warned victims of ransomware attacks that paying a ransom could encourage further malicious activity.

Less than a month after the cyberattack on the Colonial Pipeline, Brazil’s JBS, the world’s largest meat packer, announced that it had fallen victim to a ransomware attack. The breach disrupted meat production in North America and Australia and sparked concerns about rising meat prices.

The company eventually paid an $11 million ransom to another Russia-based cybercriminal, but not before it temporarily ceased all US operations.

Biden told reporters at the conclusion of his first meeting with Putin since entering the White House that he had raised the issue of cyberattacks with his Russian counterpart.

“Certain critical infrastructures should be blocked for attacks, by cyber or in any other way,” said Biden during a press conference in Geneva. “I gave them a list of 16 specific entities that US policy defines as critical infrastructure, from the energy sector to water systems,” he added.

Biden’s designation of critical infrastructure as off limits suggests that a government response could follow should state or non-state actors attack these sectors.

Putin has repeatedly denied having knowledge of the attacks or having been involved in them.