US introduces bills to secure critical infrastructure from cyber attacks

The U.S. House Committee on Homeland Security has passed five bipartisan bills on Monday to bolster defense capabilities against cyber attacks targeting U.S. organizations and critical infrastructure.

These bills were introduced as a direct result of the Homeland Security Committee's oversight of recent cyber attacks, including the ransomware attack that forced Colonial Pipeline to shut down the largest U.S. pipeline.

While Colonial Pipeline reportedly paid a $5 million ransom, this didn't stop a widescale fuel shortage that impacted multiple northeastern states.

Another incident that prompted these bills is the SolarWinds supply-chain attack that provided Russian Foreign Intelligence Service (SVR) hackers with access to the networks of U.S. federal agencies and private tech sector companies.

The five bipartisan bills are also designed to make it easier to defend networks from cyber attacks using critical security vulnerabilities such as those abused in campaigns targeting vulnerable Microsoft Exchange Server and Pulse Connect Secure devices earlier this year.

Since the beginning of this Congress, this Committee has engaged in extensive oversight of these events and how the Federal government partners with others to defend our networks. The legislation we reported today was the result of this oversight. I am pleased that they received broad bipartisan support and hope they are considered on the House floor in short order. — Chairman Bennie G. Thompson

Besides legislation to enhance US pipeline security, the bills also authorize the Cybersecurity and Infrastructure Security Agency (CISA) to help secure SLTT networks and promote regular testing of cyber attack preparedness.

"Other measures passed in today’s markup include bills to help State and Local governments protect their networks, provide critical infrastructure owners and operators with mitigation strategies against critical vulnerabilities, and establish a national cyber exercise program to promote more regular testing of preparedness and resilience to cyber attacks against critical infrastructure," the Committee said in a press release.

The five bipartisan bills introduced in House on Monday include:

8 Common Threats in 2025

While cloud attacks may be growing more sophisticated, attackers still succeed with surprisingly simple techniques.

Drawing from Wiz's detections across thousands of organizations, this report reveals 8 key techniques used by cloud-fluent threat actors.

Related Articles:

Hawaiian Airlines discloses cyberattack, flights not affected

US Homeland Security warns of escalating Iranian cyberattack risks

Hackers switch to targeting U.S. insurance companies

Grocery wholesale giant United Natural Foods hit by cyberattack

Hackers behind UK retail attacks now targeting US companies