Security News > 2021 > May > US introduces bills to secure critical infrastructure from cyber attacks
The U.S. House Committee on Homeland Security has passed five bipartisan bills on Monday to bolster defense capabilities against cyber attacks targeting U.S. organizations and critical infrastructure.
The five bipartisan bills are also designed to make it easier to defend networks from cyber attacks using critical security vulnerabilities such as those abused in campaigns targeting vulnerable Microsoft Exchange Server and Pulse Connect Secure devices earlier this year.
Besides legislation to enhance US pipeline security, the bills also authorize the Cybersecurity and Infrastructure Security Agency to help secure SLTT networks and promote regular testing of cyber attack preparedness.
"Other measures passed in today's markup include bills to help State and Local governments protect their networks, provide critical infrastructure owners and operators with mitigation strategies against critical vulnerabilities, and establish a national cyber exercise program to promote more regular testing of preparedness and resilience to cyber attacks against critical infrastructure," the Committee said in a press release.
H.R. 3138, The "State and Local Cybersecurity Improvement Act" - seeks to authorize a new $500 million grant program to provide State and local, Tribal, and Territorial governments with dedicated funding to secure their networks from ransomware and other cyber attacks.
H.R. 3223, The "CISA Cyber Exercise Act" - establishes a National Cyber Exercise program within CISA to promote more regular testing and systemic assessments of preparedness and resilience to cyber attacks against critical infrastructure.
News URL
Related news
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)