I
119THCONGRESS
1
STSESSION H. R. 2659
To ensure the security and integrity of United States critical infrastructure
by establishing an interagency task force and requiring a comprehensive
report on the targeting of United States critical infrastructure by Peo-
ple’s Republic of China state-sponsored cyber actors, and for other pur-
poses.
IN THE HOUSE OF REPRESENTATIVES
APRIL7, 2025
Mr. O
GLES(for himself, Mr. GREENof Tennessee, Ms. LEEof Florida, Mr.
M
OOLENAAR, and Mr. GARBARINO) introduced the following bill; which
was referred to the Committee on Homeland Security
A BILL
To ensure the security and integrity of United States critical
infrastructure by establishing an interagency task force
and requiring a comprehensive report on the targeting
of United States critical infrastructure by People’s Re-
public of China state-sponsored cyber actors, and for
other purposes.
Be it enacted by the Senate and House of Representa-1
tives of the United States of America in Congress assembled, 2
SECTION 1. SHORT TITLE. 3
This Act may be cited as the ‘‘Strengthening Cyber 4
Resilience Against State-Sponsored Threats Act’’. 5
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00001 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 2
•HR 2659 IH
SEC. 2. INTERAGENCY TASK FORCE AND REPORT ON THE 1
TARGETING OF UNITED STATES CRITICAL IN-2
FRASTRUCTURE BY PEOPLE’S REPUBLIC OF 3
CHINA STATE-SPONSORED CYBER ACTORS. 4
(a) I
NTERAGENCYTASKFORCE.—Not later than 120 5
days after the date of the enactment of this Act, the Sec-6
retary of Homeland Security, acting through the Director 7
of the Cybersecurity and Infrastructure Security Agency 8
(CISA) of the Department of Homeland Security, in con-9
sultation with the Attorney General, the Director of the 10
Federal Bureau of Investigation, and the heads of appro-11
priate Sector Risk Management Agencies as determined 12
by the Director of CISA, shall establish a joint interagency 13
task force (in this section referred to as the ‘‘task force’’) 14
to facilitate collaboration and coordination among the Sec-15
tor Risk Management Agencies assigned a Federal role or 16
responsibility in National Security Memorandum–22, 17
issued April 30, 2024 (relating to critical infrastructure 18
security and resilience), or any successor document, to de-19
tect, analyze, and respond to the cybersecurity threat 20
posed by State-sponsored cyber actors, including Volt Ty-21
phoon, of the People’s Republic of China by ensuring that 22
such agencies’ actions are aligned and mutually rein-23
forcing. 24
(b) C
HAIRS.— 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00002 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 3
•HR 2659 IH
(1) CHAIRPERSON.—The Director of CISA (or 1
the Director of CISA’s designee) shall serve as the 2
chairperson of the task force. 3
(2) V
ICE CHAIRPERSON.—The Director of the 4
Federal Bureau of Investigation (or such Director’s 5
designee) shall serve as the vice chairperson of the 6
task force. 7
(c) C
OMPOSITION.— 8
(1) I
N GENERAL.—The task force shall consist 9
of appropriate representatives of the departments 10
and agencies specified in subsection (a). 11
(2) Q
UALIFICATIONS.—To materially assist in 12
the activities of the task force, representatives under 13
paragraph (1) should be subject matter experts who 14
have familiarity and technical expertise regarding cy-15
bersecurity, digital forensics, or threat intelligence 16
analysis, or in-depth knowledge of the tactics, tech-17
niques, and procedures (TTPs) commonly used by 18
State-sponsored cyber actors, including Volt Ty-19
phoon, of the People’s Republic of China. 20
(d) V
ACANCY.—Any vacancy occurring in the mem-21
bership of the task force shall be filled in the same manner 22
in which the original appointment was made. 23
(e) E
STABLISHMENTFLEXIBILITY.—To avoid redun-24
dancy, the task force may coordinate with any preexisting 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00003 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 4
•HR 2659 IH
task force, working group, or cross-intelligence effort with-1
in the Homeland Security Enterprise or the intelligence 2
community that has examined or responded to the cyberse-3
curity threat posed by State-sponsored cyber actors, in-4
cluding Volt Typhoon, of the People’s Republic of China. 5
(f) T
ASKFORCEREPORTS; BRIEFING.— 6
(1) I
NITIAL REPORT.—Not later than 540 days 7
after the establishment of the task force, the task 8
force shall submit to the appropriate congressional 9
committees the first report containing the initial 10
findings, conclusions, and recommendations of the 11
task force. 12
(2) A
NNUAL REPORT.—Not later than one year 13
after the date of the submission of the initial report 14
under paragraph (1) and annually thereafter for five 15
years, the task force shall submit to the appropriate 16
congressional committees an annual report con-17
taining the findings, conclusions, and recommenda-18
tions of the task force. 19
(3) C
ONTENTS.—The reports under this sub-20
section shall include the following: 21
(A) An assessment at the lowest classifica-22
tion feasible of the sector-specific risks, trends 23
relating to incidents impacting sectors, and tac-24
tics, techniques, and procedures utilized by or 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00004 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 5
•HR 2659 IH
relating to State-sponsored cyber actors, includ-1
ing Volt Typhoon, of the People’s Republic of 2
China. 3
(B) An assessment of additional resources 4
and authorities needed by Federal departments 5
and agencies to better counter the cybersecurity 6
threat posed by State-sponsored cyber actors, 7
including Volt Typhoon, of the People’s Repub-8
lic of China. 9
(C) A classified assessment of the extent of 10
potential destruction, compromise, or disruption 11
to United States critical infrastructure by 12
State-sponsored cyber actors, including Volt Ty-13
phoon, of the People’s Republic of China in the 14
event of a major crisis or future conflict be-15
tween the People’s Republic of China and the 16
United States. 17
(D) A classified assessment of the ability 18
of the United States to counter the cybersecu-19
rity threat posed by State-sponsored cyber ac-20
tors, including Volt Typhoon, of the People’s 21
Republic of China in the event of a major crisis 22
or future conflict between the People’s Republic 23
of China and the United States, including with 24
respect to different cybersecurity measures and 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00005 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 6
•HR 2659 IH
recommendations that could mitigate such a 1
threat. 2
(E) A classified assessment of the ability 3
of State-sponsored cyber actors, including Volt 4
Typhoon, of the People’s Republic of China to 5
disrupt operations of the United States Armed 6
Forces by hindering mobility across critical in-7
frastructure such as rail, aviation, and ports, 8
including how such would impair the ability of 9
the United States Armed Forces to deploy and 10
maneuver forces effectively. 11
(F) A classified assessment of the eco-12
nomic and social ramifications of a disruption 13
to one or multiple United States critical infra-14
structure sectors by State-sponsored cyber ac-15
tors, including Volt Typhoon, of the People’s 16
Republic of China in the event of a major crisis 17
or future conflict between the People’s Republic 18
of China and the United States. 19
(G) Such recommendations as the task 20
force may have for the Homeland Security En-21
terprise, the intelligence community, or critical 22
infrastructure owners and operators to improve 23
the detection and mitigation of the cybersecu-24
rity threat posed by State-sponsored cyber ac-25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00006 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 7
•HR 2659 IH
tors, including Volt Typhoon, of the People’s 1
Republic of China. 2
(H) A one-time plan for an awareness 3
campaign to familiarize critical infrastructure 4
owners and operators with security resources 5
and support offered by Federal departments 6
and agencies to mitigate the cybersecurity 7
threat posed by State-sponsored cyber actors, 8
including Volt Typhoon, of the People’s Repub-9
lic of China. 10
(4) B
RIEFING.—Not later than 30 days after 11
the date of the submission of each report under this 12
subsection, the task force shall provide to the appro-13
priate congressional committees a classified briefing 14
on the findings, conclusions, and recommendations 15
of the task force. 16
(5) F
ORM.—Each report under this subsection 17
shall be submitted in classified form, consistent with 18
the protection of intelligence sources and methods, 19
but may include an unclassified executive summary. 20
(6) P
UBLICATION.—The unclassified executive 21
summary of each report required under this sub-22
section shall be published on a publicly accessible 23
website of the Department of Homeland Security. 24
(g) A
CCESS TOINFORMATION.— 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00007 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 8
•HR 2659 IH
(1) IN GENERAL.—The Secretary of Homeland 1
Security, the Director of CISA, the Attorney Gen-2
eral, the Director of the Federal Bureau of Inves-3
tigation, and the heads of appropriate Sector Risk 4
Management Agencies, as determined by the Direc-5
tor of CISA, shall provide to the task force such in-6
formation, documents, analysis, assessments, find-7
ings, evaluations, inspections, audits, or reviews re-8
lating to efforts to counter the cybersecurity threat 9
posed by State-sponsored cyber actors, including 10
Volt Typhoon, of the People’s Republic of China as 11
the task force considers necessary to carry out this 12
section. 13
(2) R
ECEIPT, HANDLING, STORAGE, AND DIS-14
SEMINATION.—Information, documents, analysis, as-15
sessments, findings, evaluations, inspections, audits, 16
and reviews described in this subsection shall be re-17
ceived, handled, stored, and disseminated only by 18
members of the task force consistent with all appli-19
cable statutes, regulations, and Executive orders. 20
(3) S
ECURITY CLEARANCES FOR TASK FORCE 21
MEMBERS.—No member of the task force may be 22
provided with access to classified information under 23
this section without the appropriate security clear-24
ances. 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00008 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 9
•HR 2659 IH
(h) TERMINATION.—The task force, and all the au-1
thorities of this section, shall terminate on the date that 2
is 60 days after the final briefing required under sub-3
section (h)(4). 4
(i) E
XEMPTIONFROMFACA.—Chapter 10 of title 5
5, United States Code (commonly referred to as the ‘‘Fed-6
eral Advisory Committee Act’’), shall not apply to the task 7
force. 8
(j) E
XEMPTIONFROMPAPERWORK REDUCTION 9
A
CT.—Chapter 35 of title 44, United States Code (com-10
monly known as the ‘‘Paperwork Reduction Act’’), shall 11
not apply to the task force. 12
(k) D
EFINITIONS.—In this section: 13
(1) A
PPROPRIATE CONGRESSIONAL COMMIT -14
TEES.—The term ‘‘appropriate congressional com-15
mittees’’ means— 16
(A) the Committee on Homeland Security, 17
the Committee on Judiciary, and the Select 18
Committee on Intelligence of the House of Rep-19
resentatives; and 20
(B) the Committee on Homeland Security 21
and Governmental Affairs, the Committee on 22
Judiciary, and the Select Committee on Intel-23
ligence of the Senate. 24
VerDate Sep 11 2014 02:12 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00009 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 10
•HR 2659 IH
(2) ASSETS.—The term ‘‘assets’’ means a per-1
son, structure, facility, information, material, equip-2
ment, network, or process, whether physical or vir-3
tual, that enables an organization’s services, func-4
tions, or capabilities. 5
(3) C
RITICAL INFRASTRUCTURE .—The term 6
‘‘critical infrastructure’’ has the meaning given such 7
term in section 1016(e) of Public Law 107–56 (42 8
U.S.C. 5195c(e)). 9
(4) C
YBERSECURITY THREAT .—The term ‘‘cy-10
bersecurity threat’’ has the meaning given such term 11
in section 2200 of the Homeland Security Act of 12
2002 (6 U.S.C. 650). 13
(5) H
OMELAND SECURITY ENTERPRISE .—The 14
term ‘‘Homeland Security Enterprise’’ has the 15
meaning given such term in section 2200 of the 16
Homeland Security Act of 2002 (6 U.S.C. 650). 17
(6) I
NCIDENT.—The term ‘‘incident’’ has the 18
meaning given such term in section 2200 of the 19
Homeland Security Act of 2002 (6 U.S.C. 650). 20
(7) I
NFORMATION SHARING .—The term ‘‘infor-21
mation sharing’’ means the bidirectional sharing of 22
timely and relevant information concerning a cyber-23
security threat posed by a State-sponsored cyber 24
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00010 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 11
•HR 2659 IH
actor of the People’s Republic of China to United 1
States critical infrastructure. 2
(8) I
NTELLIGENCE COMMUNITY .—The term 3
‘‘intelligence community’’ has the meaning given 4
such term in section 3(4) of the National Security 5
Act of 1947 (50 U.S.C. 3003(4)). 6
(9) L
OCALITY.—The term ‘‘locality’’ means any 7
local government authority or agency or component 8
thereof within a State having jurisdiction over mat-9
ters at a county, municipal, or other local govern-10
ment level. 11
(10) S
ECTOR.—The term ‘‘sector’’ means a col-12
lection of assets, systems, networks, entities, or or-13
ganizations that provide or enable a common func-14
tion for national security (including national defense 15
and continuity of Government), national economic 16
security, national public health or safety, or any 17
combination thereof. 18
(11) S
ECTOR RISK MANAGEMENT AGENCY .— 19
The term ‘‘Sector Risk Management Agency’’ has 20
the meaning given such term in section 2200 of the 21
Homeland Security Act of 2002 (6 U.S.C. 650). 22
(12) S
TATE.—The term ‘‘State’’ means any 23
State of the United States, the District of Columbia, 24
the Commonwealth of Puerto Rico, the Northern 25
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00011 Fmt 6652 Sfmt 6201 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS 12
•HR 2659 IH
Mariana Islands, the United States Virgin Islands, 1
Guam, American Samoa, and any other territory or 2
possession of the United States. 3
(13) S
YSTEMS.—The term ‘‘systems’’ means a 4
combination of personnel, structures, facilities, infor-5
mation, materials, equipment, networks, or proc-6
esses, whether physical or virtual, integrated or 7
interconnected for a specific purpose that enables an 8
organization’s services, functions, or capabilities. 9
(14) U
NITED STATES.—The term ‘‘United 10
States’’, when used in a geographic sense, means 11
any State of the United States. 12
(15) V
OLT TYPHOON.—The term ‘‘Volt Ty-13
phoon’’ means the People’s Republic of China State- 14
sponsored cyber actor described in the Cybersecurity 15
and Infrastructure Security Agency cybersecurity 16
advisory entitled ‘‘PRC State-Sponsored Actors 17
Compromise and Maintain Persistent Access to U.S. 18
Critical Infrastructure’’, issued on February 07, 19
2024, or any successor advisory. 20
Æ
VerDate Sep 11 2014 01:26 Apr 08, 2025 Jkt 059200 PO 00000 Frm 00012 Fmt 6652 Sfmt 6301 E:\BILLS\H2659.IH H2659
ssavage on LAPJG3WLY3PROD with BILLS