President Joe Biden’s national security officials are divided on legislation that would require critical infrastructure companies to report cyberattacks to the federal government, Politico reports.
Quarreling over the cybersecurity bill comes days after its unanimous passage in the Senate and as Russia’s invasion of Ukraine has raised fears of Kremlin-sponsored hackers attacking key resources, such as fuel pipelines, hospitals, and power plants.
The Justice Department and the Department of Homeland Security are at loggerheads on the bill, known as S. 3600, which would require operators of critical infrastructure to report hacks to DHS’ Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours and ransom payments within 24 hours.
CISA Director Jen Easterly says the reporting requirement is an important tool for increasing the nation’s digital defenses; however, Deputy Attorney General Lisa Monaco said Wednesday that the legislation would make the country "less safe," and FBI Director Christopher Wray said the bill had "serious flaws."
An FBI official told Politico that some of the bill’s provisions might discourage companies from talking to the bureau and make it more difficult for the government to disrupt cybercrime gangs.
The legislation’s bipartisan Senate sponsors, Homeland Security Chair Gary Peters, D-Mich., and ranking member Rob Portman, R-Ohio, have not expressed interest in changing the bill.
The infighting over the reporting mandate comes as security experts say it’s vital for the federal government’s different agencies to be on the same page on cyber issues.
"It’s disappointing to see the FBI take a bureaucratic dispute public under the guise of a serious threat to public safety," Trey Herr, director of the Atlantic Council’s Cyber Statecraft Initiative, told Politico.
Matthew Travis, a former deputy director of CISA, said the squabbling didn’t look good.
"The optics are certainly awkward at best," he told Politico.
While DOJ has not publicly explained its concerns with the bill, the FBI official, who spoke anonymously to Politico, said the bureau was seeking two changes to the legislation.
First, the FBI wants companies that talk to agents during a cyberattack to receive the same liability protections that Congress is offering to companies that send written hacking reports to CISA. Without that change, the FBI official told Politico, companies will not discuss hacks with bureau agents and will only share information with CISA, which will slow the FBI’s investigations as it waits for CISA to share information.
"There’s no desire to take anything at all away from CISA that this statute gives it," the FBI official said. "The more information they’re armed with, the better … The only thing we’re asking for … is to make sure that those liability protections extend to other conversations as well."
The FBI also wants lawmakers to change a liability provision in the bill that would bar companies’ hacking reports from being used in court proceedings. The bureau official said that language could prevent agents from showing the evidence needed for warrants to seize cybercriminals’ computer servers or cryptocurrency.
National Security Council spokesperson Emily Horne told Politico the Biden administration "remains committed to working with the House, and exploring all options to ensure that the legislation enables all relevant federal agencies to receive and process these incident reports as quickly as possible to carry out their cybersecurity missions."
© 2026 Newsmax. All rights reserved.