Federal agencies have stepped up efforts to boost intelligence sharing and build industry resilience in response to a wave of cyberthreats against critical infrastructure providers, including the energy sector, water and healthcare.
As part of those efforts, the U.S. Department of Energy has begun piloting a program to coordinate information sharing, threat assessments and mitigation between DOE, the Cybersecurity and Infrastructure Security Agency, intelligence community and private sector.
Officials discussed those efforts and others at a House hearing May 16 led by the Oversight and Investigations subcommittee of the Energy and Commerce Committee.
The hearing comes two months after the White House unveiled its long-anticipated national cybersecurity strategy, which includes a plan to boost the resilience of the nation’s 16 critical infrastructure sectors against rising threats from nation states and criminal ransomware groups.
“Given the immense gravity of the threats we face it is imperative that we employ a whole of government approach to risk management and mitigation,” Puesh Kumar, director of the Office of Cybersecurity, Energy, Security and Emergency Response at the Department of Energy, told lawmakers at the hearing.
Each annual threat assessment from the U.S. intelligence community since 2019 has pointed to persistent and malicious threats against U.S. infrastructure, Kumar said. The intelligence reports warned that Russia and the People’s Republic of China each had the cyber capability to disrupt energy services in the U.S.
DOE helped coordinate efforts to recover from the 2021 ransomware attack against Colonial Pipeline, which disrupted fuel supplies to much of the southeast and east coast of the U.S. for almost a week.
DOE is piloting a program called the Energy Threat Analysis Center, Kumar confirmed during questioning from Rep. Diana DeGette, D-Colo.
The program at the National Renewable Energy Lab is designed to help coordinate threat information coming from private industry and the intelligence community.
“We’re not putting the pieces together to really understand what is the risk to our national security and what’s the larger trends that are happening in the sector,” Kumar said. “And we need to be doing that if we’re going to stay ahead of the threat we are facing.”
The program has already helped to take threats developed from the Russia-Ukraine conflict and convert those into cyber advisories that were sent out to the entire energy sector, Kumar testified. However, Congress will ultimately need to step in to fully stand up the program, and the current plan calls for a 2027 launch.