December 23, 2019
WASHINGTON, D.C. – Today, U.S. Senators Angus King (I-Maine) and Jim Risch (R-Idaho), both members of the Senate Intelligence Committee and the Senate Committee on Energy and Natural Resources, celebrated the enactment of their bipartisan Securing Energy Infrastructure Act into law. The legislation passed as part of the FY2020 National Defense Authorization Act (NDAA), and will develop defenses for the U.S. energy grid through partnerships between the National Laboratories and industry. The partnerships will utilize engineering concepts to remove vulnerabilities that could allow hackers to access the grid and the nation’s critical infrastructure.
“The energy grid is central to nearly all facets of 21st century life, but remains vulnerable to hackers,” said Senator King, co-chair of the Cyberspace Solarium Commission. “If this critical infrastructure is compromised, our financial transactions, communications networks, healthcare services, and much more will be at risk. This bipartisan, commonsense legislation will help defend our energy grid from attacks launched from thousands of miles away – I’m heartened to see this much-needed provision signed into law, and deeply grateful for the partnership of Senator Risch in this effort.”
“The vulnerabilities afflicting our critical infrastructure are deeply troubling and there is strong bipartisan agreement that this issue requires our immediate attention,” said Senator Risch. “The Securing Energy Infrastructure Act has been many years in the making, and am confident our national laboratories, particularly the INL in my home state of Idaho, will lead this important research aimed at strengthening our grid security and preventing catastrophic cyberattacks.”
The Securing Energy Infrastructure Act aims to remove vulnerabilities that could allow hackers to access the energy grid through holes in digital software systems. Specifically the Securing Energy Infrastructure Act will direct the Department of Energy to examine ways to replace networked systems with less complex connections limiting paths to attack the systems.
The legislation was part of the Damon Paul Nelson and Matthew Young Pollard Intelligence Authorization Act (IAA) for Fiscal Years 2018, 2019, and 2020, which was included in the National Defense Authorization Act for Fiscal Year 2020. This legislation was inspired in part by Ukraine’s experience in 2015, when a sophisticated cyber-attack on that country’s power grid led to more than 225,000 people being left in the dark. The attack could have been worse if not for the fact that Ukraine relies on older, less networked technology to operate its grid. The senators’ bill would build on this concept by studying ways to simplify and isolate the grid’s most important control systems.
More specifically, the legislation will:
In addition to Senators King and Risch, the legislation was cosponsored by Senators Susan M. Collins (R-Maine), Martin Heinrich (D-N.M.), and Mike Crapo (R-Idaho). A companion bill was introduced by Representatives Dutch Ruppersberger (D-Md.) and John Carter (R-Tex.) in the House of Representatives.