H.R. 2659

119th CONGRESS 1st Session

To ensure the security and integrity of United States critical infrastructure by establishing an interagency task force and requiring a comprehensive report on the targeting of United States critical infrastructure by People’s Republic of China state-sponsored cyber actors, and for other purposes.

IN THE HOUSE OF REPRESENTATIVES · April 7, 2025 · Sponsor: Mr. Ogles · Committee: Committee on Homeland Security

Table of contents

• H.R. 2659
  • SEC. 1. Short title
  • SEC. 2. Interagency task force and report on the targeting of United States critical infrastructure by People’s Republic of China state-sponsored cyber actors

SEC. 1. Short title

• This Act may be cited as the Strengthening Cyber Resilience Against State-Sponsored Threats Act.

SEC. 2. Interagency task force and report on the targeting of United States critical infrastructure by People’s Republic of China state-sponsored cyber actors

• (a) Interagency task force
  • Not later than 120 days after the date of the enactment of this Act, the Secretary of Homeland Security, acting through the Director of the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security, in consultation with the Attorney General, the Director of the Federal Bureau of Investigation, and the heads of appropriate Sector Risk Management Agencies as determined by the Director of CISA, shall establish a joint interagency task force (in this section referred to as the ) to facilitate collaboration and coordination among the Sector Risk Management Agencies assigned a Federal role or responsibility in National Security Memorandum–22, issued April 30, 2024 (relating to critical infrastructure security and resilience), or any successor document, to detect, analyze, and respond to the cybersecurity threat posed by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China by ensuring that such agencies’ actions are aligned and mutually reinforcing.
• (b) Chairs
  • (1) Chairperson
    • The Director of CISA (or the Director of CISA’s designee) shall serve as the chairperson of the task force.
  • (2) Vice chairperson
    • The Director of the Federal Bureau of Investigation (or such Director’s designee) shall serve as the vice chairperson of the task force.
• (c) Composition
  • (1) In general
    • The task force shall consist of appropriate representatives of the departments and agencies specified in subsection (a).
  • (2) Qualifications
    • To materially assist in the activities of the task force, representatives under paragraph (1) should be subject matter experts who have familiarity and technical expertise regarding cybersecurity, digital forensics, or threat intelligence analysis, or in-depth knowledge of the tactics, techniques, and procedures (TTPs) commonly used by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China.
• (d) Vacancy
  • Any vacancy occurring in the membership of the task force shall be filled in the same manner in which the original appointment was made.
• (e) Establishment flexibility
  • To avoid redundancy, the task force may coordinate with any preexisting task force, working group, or cross-intelligence effort within the Homeland Security Enterprise or the intelligence community that has examined or responded to the cybersecurity threat posed by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China.
• (f) Task force reports; briefing
  • (1) Initial report
    • Not later than 540 days after the establishment of the task force, the task force shall submit to the appropriate congressional committees the first report containing the initial findings, conclusions, and recommendations of the task force.
  • (2) Annual report
    • Not later than one year after the date of the submission of the initial report under paragraph (1) and annually thereafter for five years, the task force shall submit to the appropriate congressional committees an annual report containing the findings, conclusions, and recommendations of the task force.
  • (3) Contents
    • The reports under this subsection shall include the following:
      • An assessment at the lowest classification feasible of the sector-specific risks, trends relating to incidents impacting sectors, and tactics, techniques, and procedures utilized by or relating to State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China.
      • An assessment of additional resources and authorities needed by Federal departments and agencies to better counter the cybersecurity threat posed by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China.
      • A classified assessment of the extent of potential destruction, compromise, or disruption to United States critical infrastructure by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China in the event of a major crisis or future conflict between the People’s Republic of China and the United States.
      • A classified assessment of the ability of the United States to counter the cybersecurity threat posed by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China in the event of a major crisis or future conflict between the People’s Republic of China and the United States, including with respect to different cybersecurity measures and recommendations that could mitigate such a threat.
      • A classified assessment of the ability of State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China to disrupt operations of the United States Armed Forces by hindering mobility across critical infrastructure such as rail, aviation, and ports, including how such would impair the ability of the United States Armed Forces to deploy and maneuver forces effectively.
      • A classified assessment of the economic and social ramifications of a disruption to one or multiple United States critical infrastructure sectors by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China in the event of a major crisis or future conflict between the People’s Republic of China and the United States.
      • Such recommendations as the task force may have for the Homeland Security Enterprise, the intelligence community, or critical infrastructure owners and operators to improve the detection and mitigation of the cybersecurity threat posed by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China.
• (g) Access to information
  • (1) In general
    • The Secretary of Homeland Security, the Director of CISA, the Attorney General, the Director of the Federal Bureau of Investigation, and the heads of appropriate Sector Risk Management Agencies, as determined by the Director of CISA, shall provide to the task force such information, documents, analysis, assessments, findings, evaluations, inspections, audits, or reviews relating to efforts to counter the cybersecurity threat posed by State-sponsored cyber actors, including Volt Typhoon, of the People’s Republic of China as the task force considers necessary to carry out this section.
  • (2) Receipt, handling, storage, and dissemination
    • Information, documents, analysis, assessments, findings, evaluations, inspections, audits, and reviews described in this subsection shall be received, handled, stored, and disseminated only by members of the task force consistent with all applicable statutes, regulations, and Executive orders.
  • (3) Security clearances for task force members
    • No member of the task force may be provided with access to classified information under this section without the appropriate security clearances.
• (h) Termination
  • The task force, and all the authorities of this section, shall terminate on the date that is 60 days after the final briefing required under subsection (h)(4).
• (i) Exemption from FACA
  • of title 5, United States Code (commonly referred to as the ), shall not apply to the task force. Federal Advisory Committee Act Chapter 10
• (j) Exemption from paperwork reduction act
  • of title 44, United States Code (commonly known as the ), shall not apply to the task force. Paperwork Reduction Act Chapter 35
• (k) Definitions
  • In this section:
    • The term means— appropriate congressional committees
    • The term means a person, structure, facility, information, material, equipment, network, or process, whether physical or virtual, that enables an organization’s services, functions, or capabilities. assets
    • The term has the meaning given such term in section 1016(e) of (). critical infrastructure Public Law 107–56; 42 U.S.C. 5195c(e)
    • The term has the meaning given such term in section 2200 of the Homeland Security Act of 2002 (). cybersecurity threat 6 U.S.C. 650
    • The term has the meaning given such term in section 2200 of the Homeland Security Act of 2002 (). Homeland Security Enterprise 6 U.S.C. 650
    • The term has the meaning given such term in section 2200 of the Homeland Security Act of 2002 (). incident 6 U.S.C. 650
    • The term means the bidirectional sharing of timely and relevant information concerning a cybersecurity threat posed by a State-sponsored cyber actor of the People’s Republic of China to United States critical infrastructure. information sharing
    • The term has the meaning given such term in section 3(4) of the National Security Act of 1947 (). intelligence community 50 U.S.C. 3003(4)
    • The term means any local government authority or agency or component thereof within a State having jurisdiction over matters at a county, municipal, or other local government level. locality
    • The term means a collection of assets, systems, networks, entities, or organizations that provide or enable a common function for national security (including national defense and continuity of Government), national economic security, national public health or safety, or any combination thereof. sector
    • The term has the meaning given such term in section 2200 of the Homeland Security Act of 2002 (). Sector Risk Management Agency 6 U.S.C. 650
    • The term means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, the Northern Mariana Islands, the United States Virgin Islands, Guam, American Samoa, and any other territory or possession of the United States.
    • The term means a combination of personnel, structures, facilities, information, materials, equipment, networks, or processes, whether physical or virtual, integrated or interconnected for a specific purpose that enables an organization’s services, functions, or capabilities. systems
    • The term , when used in a geographic sense, means any State of the United States.
    • The term means the People’s Republic of China State-sponsored cyber actor described in the Cybersecurity and Infrastructure Security Agency cybersecurity advisory entitled , issued on February 07, 2024, or any successor advisory.