Today, the Subcommittee on Oversight and Investigations held a hearing to examine the ongoing cybersecurity threats facing the Department of the Interior (DOI) and the nexus to state-sponsored cyber actors, like the People's Republic of China. Subcommittee Chairman Paul Gosar (R-Ariz.) released the following statement in response:

"Federal agencies, including the Department of Interior, must ensure adequate cybersecurity measures are in place to prevent the disruption of government operations and to ensure that our national security is not threatened. Unfortunately, recent GAO and OIG reports raise deeply troubling concerns about DOI’s ability to stave off a cyberattack or protect its assets, promote national security or prevent disruptions in our national fuel supply. Today’s hearing will examine immediate steps the Biden administration must take to address the Department of Interior’s cybersecurity risk before it’s too late."

Background

United States government agencies are increasingly subject to state-sponsored cyber threats, most notably from China. Having a strong cybersecurity system is an ongoing process in which agencies should continually work to identify, protect and detect cybersecurity threats.

This work includes identifying system weaknesses and implementing best practices. The DOI Office of Inspector General and the Government Accountability Office recently issued separate reports on cybersecurity weaknesses at the DOI that exposed the ongoing vulnerability of DOI's information systems, DOI's assets and America's offshore energy infrastructure.

All U.S. government agencies must prioritize cybersecurity, including DOI, because cyberattacks can disrupt government operations and threaten America's national security and owned assets. In addition, the cybersecurity weaknesses at DOI threaten America's energy sector and national security. 

Today's hearing was necessary to examine various ways to enhance our government agencies' cybersecurity, prioritize the nation's cybersecurity infrastructure and get answers on how DOI can improve its cybersecurity infrastructure.