State and local governments have sought more cyber security services from the Department of Homeland Security’s cyber agency in the past few months, senior agency officials said on Tuesday.
The Cybersecurity and Infrastructure Security Agency (CISA) has “had a significant uptick over the last several months in some our resources that we offer or cyber hygiene scanning,” one of the officials said, adding the state and locals are also requesting “remote penetration testing” of their networks.
Amid the ongoing COVID-19 pandemic, the current civil unrest in a number of U.S. cities, and planning for primary elections in some states and localities on Tuesday, CISA has been “an available partner for state and local folks out there,” the officials said during a background teleconference on election security.
Every U.S. state and the District of Columbia has deployed Albert intrusion detection sensors, which provide security alerts about threats to networks.
“So, we’re in a good spot in terms of visibility and every state is receiving some kind of service from CISA,” the officials said.
CISA stresses “unclassified operations” in its work with customers, which it believes “allows us to act in a more open, nimble environment,” so the shift to teleworking during the pandemic has put the agency “ahead of the game,” they said.
Eight states, including Indiana, Iowa, Maryland, Montana, New Mexico, Pennsylvania, Rhode Island and South Dakota, and the District of Columbia hosted party primaries on Tuesday. The CISA officials said they hosted an unclassified virtual cyber situational awareness room for the primaries and that in addition to federal partners and relevant information sharing and analysis centers, 46 state and local agencies had come in and out of the room by early afternoon, “so, we’re seeing our partners being able to work with us quite effectively in this kind of different operating environment.”
They expect impacts from COVID to remain “for quite some time,” noting that some states are moving to vote-by-mail processes ahead of the presidential elections in November.
“So, this is good practice for November,” they said.
CISA also has some of its people physically present in classified areas to help respond to any election security activity that the intelligence community detects, the agency officials said.
CISA isn’t seeing any unusual cyber activity “specific to the current civil unrest” nationwide that has been aimed at the primary elections, the officials said. Rioting in cities across the U.S. was sparked by the death last week of a black man, George Floyd, while he was being detained by police in Minneapolis, Minn.
CISA is “keeping an eye” on attempted distributed denial of service attacks against Minnesota’s state computer systems and is making recommendations across the country on how to mitigate these attacks, the agency officials said.