The Department of Homeland Security struggles to evaluate the network security of state and local governments, according to a top federal cybersecurity official who recently spoke at FedScoop’s FedTalks event in Washington. StateScoop reports that this is particularly troubling given the increased threat of cyberattacks by foreign adversaries.
“We don’t have good visibility in the state and local dot-gov [domain],” Rick Driggers, the deputy assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Agency, stated at the event.
Driggers recommended that state and local governments redouble their information sharing with federal cybersecurity authorities, as hackers working on behalf of foreign governments have turned their attention to disrupting state and local governments.
“We’ve seen in the last couple years more focused attention from nation-state adversaries, particularly with ransomware to attack or cause disruption at the state and local level,” Driggers added. “At the end of the day, the state and local governments provide a lot of very valuable critical services to their populations. Those services going down causes a lot of disruption.”
Ransomware attacks on local governments are not an unfounded concern. The SamSam virus interrupted municipal functions in Atlanta in March 2018, while Baltimore is still reeling from a RobinHood malware attack. Driggers describes current resistance to federal assistance, citing Baltimore not following up on the DHS’ offer to provide cybersecurity services in the wake of the ransomware attack.
“We want to work with them to offer them our services and capabilities. All the localities are different in terms of the laws and the resources they have to cover down on cybersecurity. The ability to hire and retain and pay cybersecurity professionals to be engaged, to work day in and day out, is a huge challenge.”
“We want to work with them to offer them our services and capabilities,” he explained off-stage. “All the localities are different in terms of the laws and the resources they have to cover down on cybersecurity. The ability to hire and retain and pay cybersecurity professionals to be engaged, to work day in and day out, is a huge challenge.”
While the level of collaboration remains less than ideal at the moment, Driggers pointed to the Cybersecurity and Infrastructure Security Agency’s recent work with state and local election authorities on voting infrastructure as an example of new partnerships on the horizon. While these developments are promising, Driggers believe they’re insufficient.
“There’s also a lot of other infrastructure that the state and local community either owns or operates or they share a partnership with their local private sector,” he said. “And we want to make sure they’re leveraging the services and capabilities that we have and that we understand what the risk profiles are so we adjust the services and make sure that we are working on them.”