House Passes Payne Amendment to Protect Critical Infrastructure Against Cyber Attacks

Washington, D.C. – The U.S. House of Representatives today passed H.R. 1731, the National Cybersecurity Protection Advancement Act of 2015, which included an amendment by Congressman Donald M. Payne, Jr. (NJ-10) to protect critical infrastructure against cyber attacks.

“Three years ago, Hurricane Sandy showed just how weak our critical infrastructure is, and just how vulnerable we can quickly become to layered disasters like cyber attacks by outside actors,” said Congressman Payne, Jr. “These cyber attacks are a drain on our economy, and they expose us to other potentially devastating attacks. We must do a better job of protecting our critical infrastructure, which is why the House’s passage of my amendment is so important at this time.”

Recently, there has been a significant increase in cyber attacks to our critical infrastructure. In 2012, there were 82 reported attacks against the energy field, 29 reported attacks against the water industry, seven reported attacks against chemical plants, and six reported attacks against nuclear companies. Several of these nuclear companies reported that their networks were compromised and that, in some cases, data was seized.

Many cyber attacks on critical infrastructure may go undetected or unrecognized because they can initially be perceived as a technical glitch or human error, and because there is a lack of consensus as to what constitutes a cyber attack. As a result, critical sources of data detailing potential threats to our nation’s control systems are missed.

Congressman Payne, Jr.’s amendment to H.R. 1731 aims to address this issue by improving communication and information sharing between the National Cybersecurity and Communications Integration Center (NCCIC) and infrastructure operators.

The amendment calls for the Secretary of Homeland Security to disseminate information to the public about how to voluntarily share cyber threat indicators and defensive measures with the NCCIC. It also enhances outreach to critical infrastructure owners and operators for purposes of such sharing.