Washington, D.C. – U.S. Senator Marsha Blackburn along with Senators Roger Marshall, M.D. (R-Kan.), Ted Cruz (R-Texas), and Tom Cotton (R-Ark.) sent a letter to President Biden urging him to respond to the People’s Republic of China state-sponsored cyberattacks with sanctions similar to those implemented against Russian entities.
The Senators also demand answers regarding how the Administration will protect the United States from further cyberattacks.
“I write regarding the recent Cybersecurity Advisory issued by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) assessing that the People’s Republic of China state-sponsored malicious cyber activity is a major threat to U.S. and Allied cyberspace assets,” the Senators wrote.
“I call on you to clarify your red lines and provide transparency regarding how your Administration will act to protect the U.S. from further cyberattacks. I also call on you to respond to the People’s Republic of China state-sponsored cyberattacks with sanctions similar to those implemented against Russian entities and individuals in your April 15th Executive Order.”
“The U.S. must respond to these attacks with swift and decisive force to defend our national interests and impose costs for Russian and Chinese actions that seek to harm us.”
View the full text of the letter here or below.
Dear Mr. President:
I write regarding the recent Cybersecurity Advisory issued by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) assessing that the People’s Republic of China state-sponsored malicious cyber activity is a major threat to U.S. and Allied cyberspace assets. The Advisory states that Chinese state-sponsored cyber activities “aggressively target political, economic, military, educational, and critical infrastructure personnel and organizations to access valuable, sensitive data.”
The Cyberattack Advisory follows a recent cyberattack on Kaseya Ltd reportedly conducted by a Russian-based cybercriminal organization REvil, which impacted as many as 1,500 businesses including HX5, a U.S. defense contractor working on aerospace and weapon launch technology for the U.S. military, and Synnex, a technology provider for the Republican National Committee, the campaign arm of the Republican Party. These attacks represent a test of your resolve to put Russia “on notice” and respond aggressively to any interference in American elections. Additional cyberattacks conducted by Russian-based organizations in March successfully targeted U.S. critical energy infrastructure and meat-processing plants, taking 45% of the east coast’s gasoline offline and wiping out 20% of U.S. beef production.5 These attacks represent only a handful of the $350 million paid to malicious cyber actors in 2021, a devastating 300% increase.
Following these incidents, during your June 16 meeting with President Putin, you presented a list of 16 critical sectors of the American economy defining “red lines” that would necessitate a response from the U.S. if attacked. Recent state sponsored cyberattacks conducted by Chinese and Russian-based criminal organizations continue to cross the red lines you defined. They present a grave national security concern to the United States, its economy, and the American people’s way of life. They also raise questions about your Administration’s role defending and deterring future cyberattacks from criminals and foreign governments.
I call on you to clarify your red lines and provide transparency regarding how your Administration will act to protect the U.S. from further cyberattacks. I also call on you to respond to the People’s Republic of China state-sponsored cyberattacks with sanctions similar to those implemented against Russian entities and individuals in your April 15th Executive Order. The U.S. must respond to these attacks with swift and decisive force to defend our national interests and impose costs for Russian and Chinese actions that seek to harm us.
- What action will your Administration take to respond to a cyberattack on these 16 critical sectors if a foreign-based criminal organization claims responsibility or is determined to have conducted the attack?
- What action will your Administration take to respond to a cyberattack on these 16 critical sectors if a foreign government claims responsibility or is determined to have conducted the attack?
- What action will your Administration take to deter cyberattacks on U.S. companies not categorized as one of the 16 critical sectors?
- Will your Administration place sanctions on the People’s Republic of China for its recent state-sponsored cyber operations conducted against the U.S.?
- What action will your Administration take against REvil in response to its cyberattack against a U.S. defense contractor working on programs for the U.S. Army, Navy, Air Force, NASA, and General Services Administration?
- In a March interview, REvil claimed to know of several affiliates with access to a ballistic missile launch system, a U.S. Navy cruiser, a nuclear power plant, and a weapons factory. Are you aware of these cyberattacks and have you taken action to secure U.S. systems?
- Has your Administration advised Kaseya Ltd, Colonial Pipeline, JBS, HX5, or any other company impacted by cyberattacks to pay a ransom?
- Do you consider the recent cyberattack on the Republican National Committee, a U.S. political committee responsible for organizing and coordinating the Republican Party’s election strategy, an interference in American elections?
Thank you for your attention to this important matter. We will present the opportunity to answer these questions in a classified setting should it be necessary. I look forward to your response.
Sincerely,
Roger Marshall, M.D.
U.S. Senator
Marsha Blackburn
U.S. Senator
Ted Cruz
U.S. Senator
Tom Cotton
U.S. Senator
