HENRICO, V.A. – U.S. Representative Abigail Spanberger today urged President Joe Biden to recognize the vulnerabilities revealed by the foreign-based ransomware attack that shut down the Colonial Pipeline, causing many gas stations in Central Virginia and throughout the Commonwealth to operate with limited fuel options or no fuel supply at all.
In a letter sent to President Biden today, Spanberger outlined the major effects the DarkSide cyberattack had on Central Virginia families, workers, and businesses — and she pressed the Biden Administration to investigate the full scope of the intrusion and respond with the urgency the situation demands. Additionally, Spanberger called on President Biden to create an interagency strategy that can increase cybersecurity collaboration between government agencies and the private sector, strengthen protections for American supply chains, and deter hackers from attacking in the future.
“Many gas stations across Virginia’s Seventh District and its surrounding communities are experiencing the negative effects of this cyberattack and the ensuing pipeline shutdown,” said Spanberger to President Biden. “This attack is having an immediate impact on Virginians who are commuting to work, dropping their children off at school, delivering supplies to small businesses and restaurants, and keeping our communities connected.”
Spanberger continued, “In addition to a full assessment of the scope of this intrusion, its implications, and any vulnerabilities that made it possible, it is essential that we improve our resilience here at home. We must ensure our critical infrastructure is protected and our supply chains are secure, and to do this, our federal government agencies must work together with state and local governments — as well as the private sector. We must also work with U.S. allies and partners around the world to disable and stand up to cyber criminals and the state and non-state actors that enable them — including the Russian government.”
In her letter, Spanberger also urged the administration to prioritize cybersecurity in the President’s Budget Request for fiscal year 2022.
As reported gas shortages began to increase in Virginia, Spanberger yesterday called for the Biden Administration to help restore the function of the Colonial Pipeline, hold cyber criminals accountable, and develop a strategy to prevent similar attacks on American infrastructure in the future.
Click here to read the letter, and the full letter text is also below.
Dear President Biden,
I am deeply concerned by the ransomware attack that has affected critical U.S. energy infrastructure and limited the short-term supply of gas for thousands of Central Virginians.
Many gas stations across Virginia’s Seventh District and its surrounding communities are experiencing the negative effects of this cyberattack and the ensuing pipeline shutdown. This attack is having an immediate impact on Virginians who are commuting to work, dropping their children off at school, delivering supplies to small businesses and restaurants, and keeping our communities connected.
I recognize that you are tracking the consequences of this attack closely. As I bring to your attention the particular impacts felt in Virginia, I also want to note my appreciation for your administration’s quick, interagency approach in assessing the damage, working to restore service, and addressing vulnerabilities going forward. I urge you to continue a strong, coordinated response with the urgency this situation demands.
Looking beyond the immediate challenges this attack presents, I will be following your administration’s assessment and lessons learned from this attack, as well as any additional policy guidance on strengthening U.S. cybersecurity. It is critical that your administration put together an interagency strategy that reflects the urgency and complexity of the challenge at hand—and Congress stands ready to ensure your team has the resources and capabilities it needs to carry out this strategy.
In addition to a full assessment of the scope of this intrusion, its implications, and any vulnerabilities that made it possible, it is essential that we improve our resilience here at home. We must ensure our critical infrastructure is protected and our supply chains are secure, and to do this, our federal government agencies must work together with state and local governments—as well as the private sector. We must also work with U.S. allies and partners around the world to disable and stand up to cyber criminals and the state and non-state actors that enable them—including the Russian government, which carries out cyber attacks on the United States and creates an environment where cyber criminals can thrive at the expense of law-abiding citizens and companies. We need to reaffirm that Russia’s direct and indirect destabilizing and dangerous behavior will not go without consequences—and I appreciate that you have made it clear to Russian President Vladimir Putin that your administration will stand up for U.S. interests and stand firm against Russian aggression.
Moreover, I also want to encourage you to include robust funding for cybersecurity in your fiscal year 2022 (FY22) Presidential Budget Request. The Colonial Pipeline attack came on the heels of the SolarWinds attack (likely perpetrated by Russian government-backed actors) and the Hafnium attack (likely perpetrated by Chinese government-backed actors), and it is absolutely essential that we direct the prioritization and resources needed to strengthen cybersecurity comprehensively across government and private sector systems. This robust funding should be reflected throughout the agencies known for their work on cybersecurity, such as the U.S. Department of Homeland Security and the U.S. Department of Justice, as well as across all other relevant agencies and offices.
It will also be critically important to significantly increase support for the U.S. government offices that play a key role in undercutting the illegal and malign activities of hackers, such as the Financial Crimes Enforcement Network (FinCEN) that works to monitor and counter the illicit financial transactions and money laundering that underly cyber attacks and other threats to U.S. national security. If cybercriminals face strong deterrence and security measures and they do not have the tools they depend on, including the ability to move money around illegally, American companies and communities will be safer and less at risk of the economic and supply chain shocks we are seeing now in Virginia and several additional states.
I stand ready to work with and support your administration in its efforts to craft updated policies and strategies to resolve the current pipeline shutdown, hold cyber criminals accountable, and prevent future attacks.
Thank you for your leadership. I look forward to working together to protect American families and the American economy.