DHS

Tag Archive

National: ‘We’re doubling down.’ DHS insists it’s not reducing election security efforts | The Washington Post

The Homeland Security Department is actually surging its efforts to protect elections against foreign hackers during the two years leading up to the 2020 elections — not winding them down, the agency’s top cybersecurity official insists. Chris Krebs, who leads DHS’s Cybersecurity and Infrastructure Security Agency, was punching back Thursday against a Daily Beast report citing anonymous staffers who said the department was reducing its election security efforts following the midterms to invest more in border security and other Trump administration priorities. “The department’s election security and countering foreign influence security-related efforts are not going anywhere,” Krebs said. “In fact, we’re doubling down.” The article made waves in the security community because even a perception that the government isn’t serious about securing elections against Russian hackers could damage trust in the result in the 2020 election.  Federal officials — including Krebs himself — have warned Russia may have viewed the midterms as merely a “warm-up” for 2020 when more Americans will be looking for signs of foreign influence. That stakes for officials such as Krebs are especially high because President Trump has wavered on whether he believes Russia was responsible for its hacking and disinformation campaign to influence the 2016 presidential contest.

Full Article: The Cybersecurity 202: 'We're doubling down.' DHS insists it's not reducing election security efforts - The Washington Post.

National: CISA says it’s ramping up election security efforts for 2020 | FCW

The head of the Department of Homeland Security’s cybersecurity wing is pushing back on a media report that the agency has scaled back personnel and resources from its combatting foreign election interference. Cybersecurity and Infrastructure Security Agency Director Chris Krebs hosted a conference call with reporters less than 24 hours after The Daily Beast published a story that quoted multiple anonymous DHS officials who said two CISA task forces focused on coordinating the department’s response to foreign influence in U.S. elections were significantly downsized shortly after the mid-terms. Krebs didn’t deny that personnel levels for the task forces were reduced. He characterized the task forces as temporary vehicles to address an emerging threat while CISA worked to hire staff and build more permanent institutional capacity to tackle the issue.

Full Article: CISA says it's ramping up election security efforts for 2020 -- FCW.

National: DHS Guts Task Forces Protecting Elections From Foreign Meddling | The Daily Beast

Two teams of federal officials assembled to fight foreign election interference are being dramatically downsized, according to three current and former Department of Homeland Security officials. And now, those sources say they fear the department won’t prepare adequately for election threats in 2020. “The clear assessment from the intelligence community is that 2020 is going to be the perfect storm,” said a DHS official familiar with the teams. “We know Russia is going to be engaged. Other state actors have seen the success of Russia and realize the value of disinformation operations. So it’s very curious why the task forces were demoted in the bureaucracy and the leadership has not committed resources to prepare for the 2020 election.”

Full Article: Trump’s DHS Guts Task Forces Protecting Elections From Foreign Meddling.

National: Lawmakers quiz officials on 2020 election security measures | The Hill

Lawmakers questioned federal officials Wednesday about the importance of passing election security measures ahead of the 2020 contests, pressing witnesses on the threat posed by foreign actors to influence U.S. elections. Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security (DHS), testified during the House Homeland Security Committee hearing Wednesday that the federal government is “lightyears ahead” of where it was in 2016 when it came to communicating with state and local officials. But he said improving outreach and communication with those officials is a top priority for his department ahead of 2020. Krebs also said that being able to audit elections is a pressing issue for his agency, and that records of votes, like paper trails, will help officials confirm election results. The DHS official added that basic cybersecurity remains a crucial issue, saying he fears any gaps could expose vulnerabilities in systems that could be abused by hackers.

Full Article: Lawmakers quiz officials on 2020 election security measures | TheHill.

National: DHS prioritizes restart of election security programs post-shutdown | CNN

Since the shutdown ended, the Department of Homeland Security has prioritized the resumption of its election security programs, some of which were forced to go on hiatus during the lapse in government funding, according to Cybersecurity and Infrastructure Security Agency Director Chris Krebs. “Coming out of the shutdown, anything that had paused on election security-related activities was put on the top of the priority list for restart,” he said. Krebs told CNN that if there was an active threat during the shutdown, the department was able to respond by conducting assessments and hunting down the threat. “What paused was the more routine vulnerability assessments,” he said. Those included a “couple of the election security-related” assessments run by the department, specifically focused on state networks.

Full Article: DHS prioritizes restart of election security programs post-shutdown - CNNPolitics.

National: DHS Wants to Expand the Reach of Its Critical Infrastructure Cyber Training | Nextgov

The Homeland Security Department wants to surge its ability to train critical infrastructure owners and operators on cybersecurity, according to a contracting document released Wednesday. The department is seeking a video conferencing service that it can use to provide cybersecurity webinars to 5,000 or more critical infrastructure operators simultaneously, according to the contracting document. The term critical infrastructure refers to 16 sectors the government has determined are vital to the nation’s successful operation. They include hospitals, banks, energy plants, dams and transportation hubs such as airports and train stations. The department officially designated election infrastructure, such as voting machines and voter rolls, critical infrastructure in January 2017, after Russian efforts to breach those systems during the 2016 elections.

Full Article: DHS Wants to Expand the Reach of Its Critical Infrastructure Cyber Training - Nextgov.

National: Homeland Security’s biggest election concern is what comes after you vote | CNET

The biggest concern for election security isn’t about Election Day — it’s about the day after, Department of Homeland Security Secretary Kirstjen Nielsen said. “My biggest concern is that a foreign entity will take the opportunity after the election, or the night of the election, to attempt to sow discord through social media by suggesting that something’s not working as it should in a particular area,” Nielsen said Friday morning at a Council on Foreign Relations event in New York. The conversation with Nielsen about comes just four days before Election Day and amid major DHS efforts to protect the US elections from foreign interference. That includes assisting election officials in all 50 states, creating its own center toprotect critical infrastructure, and attending Defcon to learn about voting machine flaws. While DHS is working to protect the machines and make sure voting officials are prepared, it’s that wave of disinformation on social media that’ll follow the election that Nielsen’s most worried about.

Full Article: Homeland Security's biggest election concern is what comes after you vote - CNET.

National: Fewer than half of US states have undergone federal election security reviews ahead of midterms | ABC

With only a week left before the 2018 midterm elections, fewer than half of U.S. states have submitted to a Department of Homeland Security assessment of their vulnerabilities to vote hacking. Under the department’s National Protection and Programs Directorate, the agency branch that coordinates cyber protection of U.S. infrastructure, a team of DHS officials are prepared to examine statewide election systems. They can check for cybersecurity vulnerabilities and run in-person exercises like phishing tests to ensure election officials are prepared to guard against attempts to hack their email accounts. The Department of Homeland Security has already provided or is scheduled to provide the service, which is free for states that request it, to only 21 states, a department spokesman told ABC News, concerning election experts who fear some states may not be aware of potential vulnerabilities.

Full Article: Fewer than half of US states have undergone federal election security reviews ahead of midterms.

National: DHS: Election officials inundated, confused by free cyber-security offerings | ZDNet

lection officials across the US are inundated and confused by the plethora of free cyber-security offerings that the private sector has made available in the past months, a Department of Homeland Security official said last week. … But while the actions of these companies were driven by a desire to help, a DHS official says these free offerings have managed to create confusion with some election officials. “So what we’ve seen is a lot of the cyber-security companies and the IT companies offering free services, which I think is a great move forward,” said Christopher Krebs, Under Secretary for National Protection and Programs Directorate at the DHS, in an interview on the Cyberlaw Podcast, last week.

Full Article: DHS: Election officials inundated, confused by free cyber-security offerings | ZDNet.

National: Security Clearances Won’t Get in the Way of Responding to Election Cyber Threats, Officials Say | Nextgov

A lack of security clearances among some state and local election officials shouldn’t hinder the Homeland Security Department from responding speedily to Election Day cybersecurity threats, the department’s top cyber official said Wednesday. Even if state and local election officials don’t have the necessary authorizations to view a particular piece of threat information, Homeland Security Undersecretary Chris Krebs said he’s confident those officials will start trying to mitigate the threat if he asks them to. “I’m confident that if I had a piece of information right now …I could say: ‘Look, I’ve got something you need to see. You need to take action. It’s going to take me a day or two to get you the information, but, in the meantime, you need to take action,” Krebs during an election readiness summit hosted by the Election Assistance Commission.\ “We have trust established so there would be at least the beginning of an article of faith that they would do something,” he said.

Full Article: Security Clearances Won’t Get in the Way of Responding to Election Cyber Threats, Officials Say - Nextgov.

National: DHS says teamwork is improving election security | FCW

A month out from the 2018 midterms, all eyes are on the Department of Homeland Security as it approaches its first real test since being given a broader election security mandate in the wake of the 2016 presidential elections. Speaking at a cybersecurity event hosted by the Washington Post, DHS Secretary Kirstjen Nielsen highlighted improvements in information sharing across the federal government and with state and local officials as well as closer relationships with stakeholders that will lead to faster coordination in the wake of an emerging threat. “First of all, the information sharing is much stronger than it even has been before,” said Nielsen when asked what had changed in the department’s approach since 2016. “So [we’re] working very closely with the intel community, and the moment that we see something significant we are — in conjunction with the IC — sharing with our state and local partners. The sharing is quicker, faster, more tailored.”

Full Article: DHS says teamwork is improving election security -- FCW.

National: DHS ramping up election security coordination | Politico

DHS will boost coordination and information sharing efforts on election security threats later this month in the run-up to the midterms, a senior agency official said Tuesday. The “heightened operational posture” will take effect Sept. 21, as absentee ballots begin streaming in, Bob Kolasky, director of DHS’s new National Risk Management Center, told reporters after a panel discussion at the Intelligence and National Security Summit in National Harbor, Md. The agency’s Election Task Force “continues to be the hub of DHS election activity,” according to Kolasky. But there will be “enhanced coordination” and “heightened information sharing” among the department’s various agencies and partners, including the Defense Department, 45 days before voters go to the polls, Kolasky explained. He noted that while the increase is in part time-driven, there are no plans “to change the nature of how we work with states in the run-up to the elections.”

Full Article: DHS ramping up election security coordination - POLITICO.

National: DHS chief calls on officials in all 50 states to have ‘verifiable’ ballots by 2020 election | The Hill

Homeland Security Secretary Kirstjen Nielsen on Wednesday called on election officials in all 50 states to ensure that ballots used during the 2020 presidential election are able to be audited. Nielsen told a group of reporters touring the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., that she wants “all state and local election officials to make certain that by the 2020 presidential election, every American votes on a verifiable and auditable ballot.” “Our systems must be resilient. We must be able to demonstrate that the votes count and that they are counted correctly,” she added.

Full Article: DHS chief calls on officials in all 50 states to have 'verifiable' ballots by 2020 election | TheHill.

National: How DHS is gearing up to protect the midterms from hackers | CNBC

With all the concern over cybersecurity heading into the midterm elections, it’s actually quite difficult for outsiders to directly manipulate votes. Unlike corporate networks and email systems, voting machines aren’t connected to the internet, making them hard to access. So as government officials prepare for the hotly contested congressional elections in November, their focus is more on protecting the integrity of the systems that support the pre- and post-voting periods than on the ballots themselves. “This is about more than just voting machines,” Jeanette Manfra, the top cybersecurity official at the Department of Homeland Security, told CNBC in an interview on Wednesday. “If an [attacker] was intent on sowing discord, how could they do that? It involves us looking at the broad elections administration process.”

Full Article: How DHS is gearing up to protect the midterms from hackers.

National: DHS works to strengthen election security on heels of bipartisan legislation | BiometricUpdate

What one congressional observer called, “a day late and a dollar short,” the bipartisan Prevent Election Hacking Act of 2018 (HR 6188) was recently introduced and referred to the House Committee on House Administration. If passed, it would “direct the Secretary of [the Department of] Homeland Security [DHS] to establish a program to improve election system cybersecurity by facilitating and encouraging assessments by independent technical experts to identify and report election cybersecurity vulnerabilities, and for other purposes.” An industry cybersecurity official said on background to Biometric Update that, “HR 6188’s potentially ground breaking — sorry, overstated deliberately — concept of outsourcing cybersecurity execution to the private sector is something worth looking into.”

Full Article: DHS works to strengthen election security on heels of bipartisan legislation | BiometricUpdate.

National: Election security legislation may be gaining steam in Congress | The Washington Post

Momentum may finally be building in Congress to take new action to secure the elections from cyberthreats as the midterms approach. Lawmakers have struggled to advance election security legislation in the months since they approved a $380 million funding package for states to upgrade their election systems. But a flurry of election-related hearings on Capitol Hill in recent weeks — including a pair of hearings Wednesday that featured testimony from some of the government’s top cybersecurity and election officials — shows they’re sharpening their focus on the issue. And the latest attention could help move bipartisan legislation to combat election cyberthreats closer to the goal line as November nears and intelligence officials warn of ongoing attempts by the Russian government to disrupt the U.S. political system. “The tone has changed so it’s much more forward-looking in terms of, ‘Let’s figure out what we can get done,’ ” said Sen. Amy Klobuchar (D-Minn.), co-sponsor of Secure Elections Act, which would streamline the way state and federal officials exchange threat information and has garnered broad support in the Senate. “Congress, I think, has realized our role has to focus on what’s in front of us, and that’s protecting the 2018 and 2020 elections from foreign interference.”

Full Article: The Cybersecurity 202: Election security legislation may be gaining steam in Congress - The Washington Post.

Florida: Elections supervisors urged to take federal help on security | Tampa Bay Times

Florida election supervisors should take advantage of help from the Department of Homeland Security to make systems more secure, Sens. Marco Rubio and Bill Nelson wrote in a letter Monday. “County election boards should not be expected to stand alone against a hostile foreign government,” the lawmakers said in recommending “a wide range of services” from DHS to strengthen security. “We encourage you in the strongest terms to take advantage of those resources, and to let us know about your experience with DHS and FBI.”

Full Article: Florida elections supervisors urged to take federal help on security | Tampa Bay Times.

National: National labs will probe election tech for vulnerabilities under planned DHS program | CyberScoop

The government is currently planning a cybersecurity program that would allow federally funded national scientific laboratories to privately probe and then document security flaws existing in U.S. election technology, most of which is developed and sold by private companies, according to a senior U.S. official. Rob Karas, director of the National Cybersecurity Assessments and Technical Service team at the Homeland Security Department, said that multiple election technology vendors had already shown an interest in engaging on the effort. Karas declined to name the firms, but said the initiative will begin later this summer. The outreach process is still ongoing.

Full Article: National labs will probe election tech for vulnerabilities under planned DHS program.

National: DHS steps up security assistance for states’ election systems | GCN

State and local elections officials  preparing for the 2018 elections are strapped for time and resources, but the Department of Homeland Security’s National Protection and Programs Directorate is stepping in to help. Two weeks ago, at the request of the Elections Government Coordinating Council, NPPD released guidance on what states and localities should do with their share of the $382 million from 2018 Help America Vote Act Security Fund, said Matt Masterson, NPPD senior cybersecurity advisor, during a June 12 Senate Judiciary Committee hearing. NPPD provided insights on where the money should be used to address risks in the election process. “We focused first on common IT vulnerabilities that exist across elections — things like patching, training for phishing campaigns as well as manpower,” Masterson said.

Full Article: DHS steps up security assistance for states' election systems -- GCN.

National: DHS official: States will probably know first if malicious cyber-activity hits primaries | CyberScoop

The Department of Homeland Security is on standby to alert state officials about any malicious cyber-activity during Tuesday’s primary elections, but the states themselves will likely know first if something is amiss, Matthew Masterson, a senior cybersecurity adviser at DHS, told CyberScoop. With voters going to the polls in eight states, Tuesday’s primaries are a chance for DHS to test the communication protocols it has sought to ingrain in election personnel across the country. State officials, who generally have the best views of their networks, will flag potentially malicious activity for DHS, which can in turn alert other states, according to Masterson. “If we see or have information to suggest something is going on, we have the ability to immediately share it with the states,” he said in an interview. Ahead of the midterm elections, DHS has looked to “ramp up” its cyberthreat reports to state officials to get them information that is easily understood and not overly technical, Masterson added.

Full Article: DHS official: States will probably know first if malicious cyber-activity hits primaries.