Category Archives: House Homeland Security Committee

Federal election agency adopts updated voting security standards. Not everyone is happy.

Posted on by

The Election Assistance Commission on Wednesday voted to adopt the first comprehensive update to its voting system security guidelines in more than 15 years, concluding a lengthy process that ended with a mixed reception from some election security experts. The security community largely greeted the update as a security upgrade to standards that most states rely upon at least partially for their own equipment testing and certification. A significant number of academics, activists and even some in Congress, though, voiced displeasure in particular for how the so-called Voluntary Voting System Guidelines 2.0 would handle wireless connections on voting systems. The update stands to shape the next generation of voting systems that election vendors produce for use around the country during a period of sinking trust in the electoral process. Regardless, the more than five-year drafting process and resulting EAC vote won’t immediately transform election security because states, equipment manufacturers and […]

The post Federal election agency adopts updated voting security standards. Not everyone is happy. appeared first on CyberScoop.

Continue reading Federal election agency adopts updated voting security standards. Not everyone is happy.

Lawmakers offer Illinois election work as blueprint to secure 2020

Posted on by

U.S. lawmakers on Tuesday heard from Illinois officials who were on the front lines of Russia’s interference in the 2016 election in a hearing that held the state up as a model for election security. Since Russian hackers breached Illinois’ voter registration database in 2016, Illinois officials have set up an internal computer network to better protect voter data, established a “Cyber Navigator” program that embeds IT specialists in local election offices, and used the Illinois National Guard to protect the 2018 midterm vote. “It’s my hope that programs such as this can serve as models for other states,” said Rep. Lauren Underwood, D-Illinois, vice chairwoman of the House Homeland Security Committee, which held the hearing. She was referring to the Cyber Navigator program, to which Illinois has dedicated roughly $6.9 million, the great majority of it federal grant money. To build on progress in Illinois and elsewhere, election security experts have called for larger […]

The post Lawmakers offer Illinois election work as blueprint to secure 2020 appeared first on CyberScoop.

Continue reading Lawmakers offer Illinois election work as blueprint to secure 2020

Democrats ask Trump administration to publish 2018 election security report

Posted on by

Democratic lawmakers are calling on the Trump administration to release a public report on efforts to secure the 2018 midterm elections so the country can learn what worked and what didn’t. “It’s important for the public to have confidence in our election systems,” Rep. Jim Langevin, D-R.I., told CyberScoop Wednesday. “In order to have confidence, I think there has to be transparency.” The departments of Homeland Security and Justice on Feb. 4 sent a classified report to President Donald Trump assessing foreign attempts to interfere in the 2018 midterms. Officials found no evidence that foreign operatives had a “material impact on the integrity or security” of election or campaign infrastructure used in the midterms, according to a statement summarizing the report. That terse statement is insufficient for lawmakers like Langevin. In the interest of transparency and making improvements, they say, the administration should publish an assessment of security in the […]

The post Democrats ask Trump administration to publish 2018 election security report appeared first on CyberScoop.

Continue reading Democrats ask Trump administration to publish 2018 election security report

Rep. Langevin: We need a DHS briefing to understand extent of DNS hijacking threat

Posted on by

A key House Democrat wants the Department of Homeland Security to brief lawmakers “as soon as possible” on a new domain name system hacking threat to federal computer networks, and the emergency order the department issued in response. DHS should brief members of the House Homeland Security Committee on the cyberthreat because “we need to understand the scope of this action and how many agencies were actually affected,” Rep. Jim Langevin, D-R.I., said in an interview Wednesday. Langevin was reacting to a rare emergency directive that DHS issued Tuesday ordering civilian agencies to tighten security controls in the face of a suspected Iranian hacking campaign. DHS issued the order out of concern that civilian agencies could be vulnerable to cyberattacks on platforms for managing domain name system (DNS) records, which help ensure that a computer user reaches an intended website. By manipulating DNS records, hackers could direct unwitting users to malicious websites. At least […]

The post Rep. Langevin: We need a DHS briefing to understand extent of DNS hijacking threat appeared first on CyberScoop.

Continue reading Rep. Langevin: We need a DHS briefing to understand extent of DNS hijacking threat

DHS security unit makes another big hire from elsewhere in government

Posted on by

The federal agency charged with protecting U.S. infrastructure — including its computer networks — has hired Daniel Kroese, the chief of staff for Republican Rep. John Ratcliffe, as a senior adviser. The National Protection and Programs Directorate (NPPD), part of the Department of Homeland Security, brings on Kroese as the Trump administration and Congress are seeking to harden U.S. cybersecurity, including its elections systems. Kroese, who announced the hire in an email to colleagues, will arrive at NPPD with close contacts throughout Congress. The move follows NPPD’s addition of Matthew Masterson, the former chairman of the Election Assistance Commission (EAC), as another senior adviser. Masterson’s role is focused on election security. It’s not clear yet what Kroese will specialize in at NPPD. “After a remarkable 4+ years, today will be my last day working for Congressman John Ratcliffe,” Kroese said in an email to colleagues. “I will soon be starting as Senior Advisor […]

The post DHS security unit makes another big hire from elsewhere in government appeared first on Cyberscoop.

Continue reading DHS security unit makes another big hire from elsewhere in government

Rep. Mike McCaul: It’s taken too long to reauthorize NPPD

Posted on by

Representatives on the House Committee on Homeland Security stressed the need for attention to cybersecurity issues at an event addressing the state of national security on Monday at George Washington University. Committee Chairman Rep. Michael McCaul, R-Texas, painted a bleak picture when it comes to the cybersecurity threats the U.S. faces from foreign adversaries. He also promoted ongoing Congressional efforts to reorganize the office inside the Department of Homeland Security that oversees national cybersecurity infrastructure. “Our adversaries, both nation-state and non-state actors, threaten us around the clock in cyberspace,” McCaul said. “Whether it’s North Korea launching a global cyberattack crippling infrastructure, to China stealing our nation’s valuable intellectual property, to Russia conducting disinformation warfare campaigns to sow discord among our people, to Iran attacking our financial institutions, to terrorists spreading evil propaganda over the internet, to criminals taking our financial and personal information, we are all exposed to harm.” McCaul touted […]

The post Rep. Mike McCaul: It’s taken too long to reauthorize NPPD appeared first on Cyberscoop.

Continue reading Rep. Mike McCaul: It’s taken too long to reauthorize NPPD

Experts say government’s information sharing program is all take and no give

Posted on by

Information sharing among private sector companies and with the federal government suffers from a tragedy of the commons, lawmakers were told Wednesday — everyone wants to receive information about cyberthreats, but few are prepared to make the effort to give back. “To do information sharing, that takes work,” said former White House cyber official Rob Knake, testifying on behalf of the Global Resilience Institute before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection. Additional staff have to be hired, or existing ones assigned away from their regular duties, he said. Especially during the immediate aftermath of a hack, “That’s the last thing you want to do.” But it is precisely at that time that the value of sharing is greatest, he added, calling that “One of the hardest problems in information sharing — when you’re attacked, sharing information doesn’t help you, it helps everyone else. When an incident happens, what everybody wants […]

The post Experts say government’s information sharing program is all take and no give appeared first on Cyberscoop.

Continue reading Experts say government’s information sharing program is all take and no give

House committee dings DHS’s cyber intelligence for fusion centers

Posted on by

Fewer than one-in-four Homeland Security fusion centers across the country receive cyberthreat reporting or other intelligence products from DHS’ National Protection and Programs Directorate, hampering their nascent efforts to help defend the country against online attacks, a congressional report said Tuesday. Those efforts are further hampered because fusion center representatives do not sit on the floor of NPPD’s 24 hour watch center, the National Cybersecurity and Communications Integration Center (NCCIC), the majority staff of the House Homeland Security Committee found. The report includes material from dozens of interviews and a long survey completed by 68 major fusion centers across the country. The centers were set up to integrate state and local law enforcement agencies into DHS’ homeland protection mission by providing them with threat warnings they could use to inform their local priorities and by vacuuming up local intelligence reporting in the hope that it could cast light on national trends or geographically dispersed terrorist […]

The post House committee dings DHS’s cyber intelligence for fusion centers appeared first on Cyberscoop.

Continue reading House committee dings DHS’s cyber intelligence for fusion centers

Question for states: Why isn’t more DHS grant money funneled to cybersecurity?

Posted on by

A House bill to reauthorize the Department of Homeland Security includes a requirement to study why state and local governments have not been using homeland security grant programs to fill the large gaps in their cybersecurity defenses. The requirement was added by voice vote during a markup of the bill by the House Homeland Security Committee as an amendment proposed by Rhode Island Democrat James Langevin. It requires figures on the amount of DHS grant money spent by state and local governments on cybersecurity over the past decade; and a report on “obstacles and challenges related to using grant funds to improve cybersecurity.” “In the [security, threat and risk] self-assessments they do, states consistently identify cyberattacks as one of their top-tier man-made threats, if not one of their top-tier risks overall. And they put cybersecurity at the top of the list of capability gaps they have,” explained a House aide familiar with […]

The post Question for states: Why isn’t more DHS grant money funneled to cybersecurity? appeared first on Cyberscoop.

Continue reading Question for states: Why isn’t more DHS grant money funneled to cybersecurity?