
The Cybersecurity 202: DHS head seeks to quickly solve some major cybersecurity problems


Mayorkas’s plans come as the U.S. government is still reeling from two major cyberattacks that have pushed cybersecurity to the forefront of the Biden administration’s national security agenda and created an enormous challenge for homeland security officials.

Russian hackers lurked in the networks of nine federal agencies for nearly nine months before an investigation by cybersecurity firm FireEye tipped off the government to the breach of software company SolarWinds. More recently, Chinese hackers exploited a vulnerability in Microsoft Exchange software to breach thousands of state and local governments, businesses and organizations. 

“Our government got hacked last year and we didn’t know about it for months,” Mayorkas said. “This incident is one of many that underscores a need for the federal government to modernize cybersecurity defenses and deepen our partnerships.”

The first sprint will tackle the rise in the use of malicious software by cyber criminals to hold computer systems hostage for payment, also known as ransomware attacks. 

A spike in such attacks against U.S. hospitals, schools and other critical public services has added to the difficulties Americans are already facing because of the pandemic.

“There are actors out there who maliciously use ransomware during an unprecedented and ongoing global pandemic, disrupting hospitals as hundreds of thousands die,” Mayorkas said. “This should shock everyone’s conscience.”

Mayorkas noted these attacks disproportionately affect critical public services relied upon by the most vulnerable populations, including elderly and unemployed individuals reliant on government assistance, communities of color and families.

“As we have seen with the wave of ransomware attacks and intrusions into critical infrastructure, cyber threats are coming dangerously close to threatening our lives,” he said.

DHS will work with industry and other partners to spread awareness of the risk of ransomware attacks. The agency will also try to improve its ability to disrupt such attacks and the marketplaces that drive sales of the malicious software, Mayorkas said. 

The initiative will be followed by an effort to enhance the cybersecurity workforce and improve diversity within the federal cybersecurity workforce. Both government watchdogs and industry analysts have warned that the United States faces a critical shortage of cybersecurity professionals to deal with the increasing cybersecurity risks faced by the nation.

Further sprints will address protecting industrial systems, protecting transportation systems, safeguarding election security and advancing international capacity-building. 

DHS is looking for more money to fund its efforts.

Mayorkas says the agency is working on a proposal for a “cyber response and recovery fund” to beef up the Cybersecurity and Infrastructure Security Agency’s ability to assist state, local, tribal and territorial governments. The agency was awarded $650 million in the most recent coronavirus stimulus package, but officials including Mayorkas describe the funding as only a down payment on needed work.

The proposal comes on top of other recent DHS investments to help state and local government protect themselves from attacks. Mayorkas last month announced the department would increase funding for emergency preparedness grants dedicated to cybersecurity. DHS has also started stationing cyber coordinators in each state, an initiative enacted in the last defense authorization bill.

Mayorkas pointed to the White House’s myriad efforts, including a pending executive order that will include nearly a dozen actions to improve U.S. cybersecurity.

Mayorkas’s plans drew bipartisan praise.

“Secretary Mayorkas laid out a bold series of sprints to address critical vulnerabilities in our operational technology, the growing scourge of ransomware, and, most importantly, our deficiencies in training a robust cyber workforce,” Rep. Jim Langevin (D-R.I.), a senior member of the House Homeland Security Committee and a member of the Cyberspace Solarium Commission, wrote in a statement. “I will proudly support him and CISA as they implement these sprints.”

Rep. John Katko (R-N.Y.), the top Republican on the House Homeland Security Committee, praised DHS’s work on ransomware attacks.

“I couldn’t agree more that ensuring CISA has the resources, workforce and authorities it needs to carry out its mission is critical for .gov security and critical infrastructure resilience alike,” Katko said.

Both lawmakers expressed interest in working with Congress to make sure the agency gets the funding it needs to carry out its mission.

Chat room

Reuters’s Chris Bing noted DHS’s fondness for comparing cybersecurity to America’s favorite pastime.

Former State cybersecurity official Chris Painter offered an extension on the metaphor:

The keys

North Korean hackers are still trying to lure security researchers.

The hackers probably have never-before-seen hacks of popular software, Google said, rendering them dangerous. The hackers have already hacked software such as Internet Explorer, and were able to breach a system running up-to-date Windows and Google Chrome software.

Most recently, the hackers set up a website and social media accounts for a fake Turkish cybersecurity firm and also tried to impersonate cybersecurity recruiters. The attacks came months after researchers from Google’s Threat Analysis Group said the hackers were targeting security researchers.

A Pentagon watchdog said that telework has increased the risk of hacks.

The Defense Department’s inspector general said the Pentagon “did not consistently maintain network protections as the DoD workforce maximized the use of telework capabilities” during the pandemic. Concerns included the failure of some offices to patch known vulnerabilities in virtual private networks. 

The report, which had some portions redacted, recommended that the military revise and develop a range of cybersecurity policies.

An Israeli man admitted to being the middleman between illegal online marketplaces for hackers and potential customers.

The U.S. Justice Department said that Tal Prihar, who lived in Brazil, pleaded guilty to a money-laundering conspiracy in connection with DeepDotWeb, a site that connected users with illegal marketplaces selling illegal firearms, malware and hacking tools, stolen financial data and drugs. Prihar agreed to forfeit $8.4 million, a sum that prosecutors say corresponds to 8,155 bitcoin worth of kickbacks that Prihar and an associate routed through shell companies, currency exchanges and banks.

The current value of 8,155 bitcoin is approximately $481 million.  

Prihar is set to be sentenced in August. He is facing a maximum penalty of 20 years in prison.

Daybook

  • Former State Department cyber coordinator Chris Painter speaks at an event hosted by the Business Council on International Understanding on April 6 at 10 a.m.
  • Rep. Yvette D. Clarke (D-N.Y.), who chairs the House Homeland Security Committee’s cybersecurity subcommittee, speaks at an event hosted by the Cybersecurity Coalition on April 7 at 2:30 p.m.
