FYI.

This story is over 5 years old.

Tech

America's Power Plants Are an Open Target for Hackers Because Congress Went on Vacation

With a good old fashioned filibuster, Senate Republicans just blocked the sweeping cybersecurity legislation that some lawmakers have been trying for years to pass, and they don't sound sorry about it. The bill would have set cybersecurity standards...

With a good old fashioned filibuster, Senate Republicans just blocked the sweeping cybersecurity legislation that some lawmakers have been trying for years to pass, and they don’t sound sorry about it. The bill would have set cybersecurity standards for business that run critical infrastructure like power grids and also create ways for the government to share cybersecurity information with business. In the process, it would also set up a national cyber intelligence center. Now that Capitol Hill’s been cleared out for the August recess, though, it’s unclear if Congress will do anything this year to address the big cybersecurity dilemma that the Pentagon can’t seem to shut up about.

Advertisement

The fate of the Cybersecurity Act of 2012 is not looking good. Three years in the making, the bill met serious resistance from a coalition of industries including energy, financial services and technology because it would enforce new digital standards on places like power plants. Because big business doesn’t like new regulations, the United States Chamber of Commerce threw its weight into opposing the bill and along with industry lobbies succeeded in watering down the bill significantly. The provisions of the bill that the Republicans just defeated, for instance, didn’t even require business to comply with the new requirements. Everything was optional. So it’s understandable that the bill’s cosponsors are a bit pessimistic about the possibility that the Senate could reconsider the legislation in September.

“As a practical matter, it's probably dead,” Stewart Baker, a former assistant secretary for policy at the Department of Homeland Security, told Bloomberg Businessweek. “There's some people hoping against hope to revive it, but given the calendar and the difficulty of the issues, it would be almost impossible.”

But the possibility of actually making progress on the cybersecurity front is still alive. The Obama administration who had championed the Cybersecurity Act called the bill’s defeat a “profound disappointment” and blamed “the politics of obstructionism, driven by special-interest groups seeking to avoid accountability.” Nevertheless, they’re in a position where they could take some of the bill’s provisions into their own hands and enact new standards with an executive order. They could, for instance, go ahead and set up that national cyber intelligence center modeled on the National Counterterrorism Center. From there, they could impose regulations through the existing authority at places like the Federal Energy Regulatory Commission, the Pentagon and financial regulatory agencies.

Advertisement

The other option is renegotiate the issues as a matter of national security. The Pentagon has already opened its kimono with regard to its commitment to bolstering its cybersecurity capabilities, and you could imagine how some of their work could bubble over into the civilian world. Obama’s already been tugging at the heart strings of the defense conscious, warning in a recent Wall Street Journal op-ed that hackers shut down power plants and cause catastrophic train wrecks. It’s kind of a horrible thing to say, but maybe that’s what it’ll take to get lawmakers to understand the gravity of the situation. Joe Lieberman, the bill’s sponsor was heading in this direction when he spoke out against the Republican filibuster. “They’re trying to make this into a business versus government regulation issue, which it’s not,” he said. “It’s a question of the safety and security of the American people.”

The sort of encouraging thing is that there are a couple of alternative bills floating around that the Senate Republicans are more enthusiastic about. So maybe something will get done. And at least some lawmakers get that this is a big deal. Sen. Susan Collins of Maine, the only Republican co-sponsoring the bill put it bluntly, “I can’t think of another area where the threat is greater and we are less prepared.”

Image via Flickr

Connections: