Congressman Garbarino, Tri-State Gas Station Owners Urge Action to Address Cyber Threats To Critical Infrastructure

NEW YORK, NY - Today, Congressman Andrew Garbarino held a joint press conference with John Catsimatidis, CEO of United Refining Company, in New York City to discuss the cyberattack that shut down the pipeline that supplies 45 percent of the fuel on the east coast.

Rep. Garbarino is the Ranking Member of the House Homeland Security's Committee Subcommittee on Cybersecurity, Infrastructure Protection, & Innovation. His remarks, as prepared, included the following:

"On Friday, the United States’ largest fuel pipeline, Colonial Pipeline, was shut down due to a cyberattack. Since then, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Energy (DOE), and the Department of Transportation (DOT), and other Sector Risk Management Agencies (SRMA) have been engaged with the operator and their interagency partners to restore service and evaluate the origins of the attack. On Sunday, DOT issued a Regional Emergency Declaration, which allows for relaxed rules for fuel being transported by road in response to the unanticipated shutdown of the pipeline. Federal interagency partners will continue to monitor and respond to potential impacts to the Nation’s energy supply and aftermath of this attack. 

For decades, criminals have been coming up with new and innovative ways to terrorize the American people. Violence is an old standby, but today we are facing down an equally sinister and much more evasive form of assault. Cyber-attacks are the greatest national security threat of our time. These attacks have real world consequences for the American people – threatening the fabric of our security, our data privacy, and our economy. 

This attack on the Colonial Pipeline was not just one on a private company, but on every American who relies on the fuel provided by the pipeline. Colonial Pipeline supplies about 45 percent of the East Coast’s fuel supplies. The pipeline carries over 100 million barrels of oil from Texas to New York metro each day. 

Thanks to this cyber-attack, the Colonial Pipeline has been temporarily shut down. The shutdown could mean rising costs for consumers at the gas pump, along with the increased costs for airlines, shipping companies and others. Shortages for retail fuel stations are possible if the pipeline remains offline for an extended period of time. The potential impacts of this attack and others like it on consumers and businesses are astronomical if allowed to continue. We must do everything we can to prevent future attacks of this nature. 

Over two years ago, the Director of National Intelligence warned that foreign adversaries have the capability to launch a cyber-attack on natural gas pipelines to disrupt operations for days to weeks. We saw this coming, and the cycle must stop. Although there are still uncertainties regarding the origins of this specific cyber-attack, it is imperative that our critical infrastructure owners and operators increase their preparedness and take critical steps to ensure resilience in the event of such attacks. It is essential that the private sector works with and utilizes the resources offered by CISA. 

It is also critical that we in Congress properly fund CISA so it can actively assess and hunt for our vulnerabilities, as well as pursue bad actors.

Cyber-attacks are only increasing. This is evident in attacks from just last few months alone - first at the Florida water treatment facility, and now with the Colonial Pipeline. We must prioritize protecting our critical infrastructure and their information technology systems from nefarious cyber-attacks. 

That is why I am a proud cosponsor the DHS Industrial Control Systems Enhancement Act of 2021, to solidify CISA’s lead role in protecting our nation’s critical infrastructure, particularly industrial control systems. Again, we are still learning more about this attack, and some news reports show that the affected systems were not Industrial Control Systems, but rather business-side infrastructure. Nonetheless, the importance of ICS protection cannot be ignored.

As Ranking Member of the Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation, I am dedicated to coordinating with our Federal and State and Local government partners, as well as the private sector on this common goal of improving our ability to prevent, rapidly respond to, and mitigate against these attacks.

Our community institutions, businesses, and critical infrastructure are all under threat from cyber-attacks. The time for inaction is over. We must move swiftly to shore up our cyber defense and cut cyber criminals off at the knees. I call on my fellow members of Congress, as well as the Biden administration to help accomplish this goal."