WASHINGTON, D.C. – U.S. Senator Gary Peters (D-MI), Chairman of the Homeland Security and Governmental Affairs Committee, convened a hearing with experts from the cybersecurity industry and research community to examine the recently discovered vulnerability in Log4j – one of the most serious and widespread cybersecurity risks ever seen. During the hearing, Peters highlighted a landmark, bipartisan legislative package he introduced yesterday that would enhance our nation’s ability to combat ongoing cybersecurity threats against our critical infrastructure and the federal government – particularly in the face of potential cyber-attacks sponsored by the Russian government in retaliation for U.S. support in Ukraine. The vulnerability in Log4j is yet another example of why the Senate must act swiftly and pass this legislation.
“In terms of the amount of online services, sites, and devices exposed, the potential impact of this software vulnerability is immeasurable, and it leaves everything from our critical infrastructure, such as banks and power grids, to government agencies, open to network breaches. We have already seen how cyber-attacks on these critical entities can have catastrophic impacts on the lives and livelihoods of Americans,” said Peters during his opening statement.
Peters continued: “I will continue to monitor and track this latest cybersecurity threat, and work with my colleagues to help ensure the government is receiving timely information about cybersecurity threats, so we can formulate a comprehensive strategy to fight back against hackers and hold foreign adversaries accountable for targeting our networks.”
To watch video of Senator Peters’ questions and closing, click here.
At the hearing, Peters highlighted how the Russian government has already reportedly exploited the vulnerability in Log4j to attack Ukrainian systems and how U.S. intelligence experts have warned that the Russian Government may perpetrate more cyber-attacks against American networks in retaliation for our support in Ukraine. Peters asked the witnesses about the benefits of his legislation to require critical infrastructure to report substantial cyber incidents – and this how bill will help American companies defend against cyber-attacks from foreign adversaries and cybercriminals. Peters and the witnesses also discussed the impacts of the Log4j vulnerability and how experts across the public and private sectors are working to mitigate the effects of this cybersecurity risk. The Committee also discussed how the government and the private sector can work to secure software more broadly given the widespread use, benefits, and challenges of open source code.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to increase our nation’s cybersecurity defenses. His bill to enhance cybersecurity assistance to K-12 educational institutions across the country was signed into law. Peters also secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious attack recover quickly. Peters’ bill to promote stronger cybersecurity coordination between the Department of Homeland Security and state and local governments has passed the Senate.