White House says American Jobs Plan will address cybersecurity amid pipeline disruption

WASHINGTON — As a major U.S. pipeline company works to bring its services back online following a ransomware attack, White House press secretary Jen Psaki told reporters Wednesday that President Biden’s multitrillion-dollar infrastructure and jobs plan would highlight cybersecurity for critical infrastructure.

“I think it’s clear that cybersecurity, ensuring private sector companies are hardening their cybersecurity, ensuring it’s an across-the-government effort, is a priority to the president, and this will be linked now to our proposal for how specific grants should be distributed,” Psaki said during a White House press briefing that featured multiple questions about the pipeline and gasoline shortages along the East Coast.

Over the previous weekend, a ransomware attack on Colonial Pipeline Co. disrupted the delivery of 45 percent of the East Coast’s supply of gasoline, diesel and jet fuel.

Biden promised on Tuesday that his American Jobs Plan would provide funding “to safeguard our critical infrastructure,” and Psaki provided further detail about how cybersecurity requirements might feature in the package, in addition to an already existing new public-private-sector initiative and a new Department of Justice ransomware task force.

White House press secretary Jen Psaki, with Environmental Protection Agency administrator Michael Regan, left, and Transportation Secretary Pete Buttigieg, at a press briefing on Wednesday. (Nicholas Kamm/AFP via Getty Images)
White House press secretary Jen Psaki, with Environmental Protection Agency administrator Michael Regan, left, and Transportation Secretary Pete Buttigieg, at a press briefing on Wednesday. (Nicholas Kamm/AFP via Getty Images)

Earlier in the briefing, Secretary of Transportation Pete Buttigieg addressed the pipeline, saying the U.S. needs to “make sure our infrastructure is resilient” in the face of cyberthreats. He noted that the American Jobs Plan will be “funding and supporting” those efforts.

“This is not an extra, this is not a luxury,” he continued. “This has to be core to how we secure our critical infrastructure. That includes infrastructure that is now owned and operated by the federal government.”

In recent days, the White House has faced increasing pressure from lawmakers to make specific efforts to include cybersecurity in its infrastructure modernization plan, details not initially included in its fact sheet on the plan.

Among those calling for the inclusion of cybersecurity is Sen. Ben Sasse, a Republican from Nebraska, who said the president should address “hardening of critical sectors” in the infrastructure package in light of the pipeline disruption.

Outside experts have also weighed in, calling on the administration to do more to shore up U.S. defenses against such attacks.

“America’s critical infrastructure as traditionally defined and historically understood is deeply in need of investment and renewal,” wrote Frank Cilluffo, director of Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security, and retired Rear Adm. Mark Montgomery, a senior fellow at the Foundation for Defense of Democracies, in a blog post.

Gas stations from Florida to Virginia began running dry, and prices at the pump rose after the shutdown of the Colonial Pipeline by hackers. (Kevin Lamarque/Reuters)
Gas stations from Florida to Virginia began running dry and prices at the pump rose after the shutdown of the Colonial Pipeline by hackers. (Kevin Lamarque/Reuters)

Cilluffo and Montgomery are both members of the Cyberspace Solarium Commission, a bipartisan intergovernmental body created in 2019 to develop strategies to defend against increasingly damaging, costly and frequent cyberattacks on public and private sector targets in the United States.

The authors argued that Biden’s infrastructure plan and budget proposal for next year don’t go far enough in adequately funding the efforts needed to improve digital security. Cilluffo and Montgomery proposed, for example, tying the use of grants and low-interest loans to cybersecurity standards, an idea similar to what Psaki said Wednesday.

“As the Biden administration and Congress prioritize a massive infrastructure plan, now is the time for the federal government — and the country as a whole — to come to terms with the major investments needed to ensure the security and resiliency for our national systems,” wrote Cilluffo and Montgomery. “Otherwise, many more Americans will be impacted by the next bad day in critical infrastructure.”

____

Read more from Yahoo News: