March 02, 2022

Gillibrand, Schumer Push For Boost In Cybersecurity Funding As Russia Cyber Attacks Threaten New York State

U.S. Senator Kirsten Gillibrand (D-NY), member of the Senate Armed Services Committee and Senate Select Committee on Intelligence, and U.S. Senate Majority Leader Charles Schumer (D-NY) today pushed for a significant increase in cybersecurity funding to help New York State combat the threat of Russian cyber attacks. 

Given the increased threat to New York State from Russian cyber attacks, Schumer and Gillibrand sent a letter to Senate Appropriations Committee leadership pushing for an significant increase in cybersecurity funding for the Multi-State Information Sharing & Analysis Center (MS-ISAC) program, a successful example of a partnership-based approach to building cybersecurity resilience and coordination between federal, state and local entities. The MS-ISAC program was funded for FY21 at $27.014 million and Schumer and Gillibrand are pushing to increase funding for this program. 

“Due to the Russian invasion of Ukraine, the U.S. and our allies have leveled severe sanctions against Russia, which has increased the risk of retaliatory cyber attacks, particularly against New York State infrastructure and individuals,” said Senator Gillibrand. “It is critical that we boost funding to protect New York State and the country from cyber threats from Russia. The United States must act quickly to strengthen our cyber defenses to meet this unwarranted and unprovoked Russian aggression.”

Protecting our government, our businesses, critical infrastructure, and our utilities from cyberattack has assumed even greater importance with Putin’s unjustified aggression in Ukraine and recklessly threatening cyberattacks throughout the world,” said Senator Schumer. “That’s why we are pushing for increased funding to the Center for Internet Security’s Multi-State Information Sharing and Analysis Center (MS-ISAC) – a New York based national leader in building cybersecurity resilience and coordination between federal, state, and local entities.”

In 2010, DHS designated the MS-ISAC as the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, territorial, and tribal (SLTT) governments as well as Fusion Centers. The MS-ISAC is used by all 56 states and territories and more than 12,500 other?local governments to receive up-to-date information on and analysis of cyber threats. Additionally, the Center for Internet Security, which houses the MS-ISAC, also houses the Elections Infrastructure Information Sharing & Analysis Center (EI-ISAC), which provides election systems professionals with a full cyber-defense suite of hardware, software, and expertise to fend off the threat of foreign interference. 

The full text of the letter can be found here and below.

 

Dear Chairmen Leahy and Murphy, and Ranking Members Shelby and Capito,

Thank you for your continued support for the cybersecurity readiness and response activities at the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA). As you finalize the Fiscal Year (FY) 2022 funding package, we respectfully request significant, dedicated funding for the Multi-State Information Sharing & Analysis Center (MS-ISAC). The President’s Budget provides $2.1 billion for CISA, a $110 million increase from the 2021 enacted level and which builds on the $650 million provided for CISA in the American Rescue Plan Act of 2021.  We urge you to consider dedicating increased funding beyond the FY21 enacted level of $27.014 million for the MS-ISAC program, which is a successful partnership-based approach to building cybersecurity resilience and coordination between federal, state, and local entities.

Extensive cyberattacks on Ukraine’s critical infrastructure underscores the need for continued action to defend our homeland and help protect our allies. The Department of Homeland Security (DHS) recently released its “Shields Up” message recommending, “all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.” DHS outlined the continuing need to change from a reactive to proactive stance.MS-ISAC can play a critical role in this work.

Furthermore, the 2021 National Threat Assessment of the U.S. Intelligence Community outlines that cyber threats from China, Russia, North Korea and Iran will remain acute and, “are demonstrably intertwined with threats to our infrastructure and to the foreign malign influence threats against our democracy”.  Countries are increasing their use of cyber operations as a projection of national power.  This is playing out as part of a Russian hybrid approach in Ukraine, in Iranian attacks on Israeli water sanitation facilities, and China’s focus on compromising telecommunications and other critical infrastructure around the world. In New York, hackers penetrated the Metropolitan Transportation Authority’s computer systems as well as the New York Law Department. Cybersecurity and ransomware threats, especially for state, local, territorial, and tribal governments (SLTTs), have been increasing in volume and magnitude for years and they need assistance to combat this threat and this is another area where MS-ISAC can serve well. 

Located in Rensselaer County, NY, the Center for Internet Security (CIS) operates as a 501(c)(3) nonprofit organization to advance cybersecurity readiness and response for public and private sector enterprises and is home to the MS-ISAC. Created in 2002, it plays a paramount role in the prevention of, protection from, response to, identification of, and recovery from cyber-attacks against SLTT governments. In 2010, DHS designated the MS-ISAC as the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, territorial, and tribal (SLTT) governments as well as Fusion Centers. The MS-ISAC is used by all 56 states and territories and more than 12,500 local governments to receive up-to-date information on, and analysis, of cyber threats. Additionally, CIS houses the Election Infrastructure Information Sharing & Analysis Center (EI-ISAC) which provides election systems professionals with a full cyber-defense suite of hardware, software, and expertise to fend off the threat of foreign interference.

MS-ISAC supports information sharing among SLTTs through a broad range of programs, services, and educational forums. For example, MS-ISAC’s 24x7x365 Security Operation Center (SOC) provides early cyber threat warnings, threat advisories, vulnerability identification and mitigation, malware and forensic analysis, automated threat feeds and incident response support. These services enhance situational awareness of SLTT networks across the country, including the national cyber situational awareness prepared by the National Cybersecurity and Communications Integration Center (NCCIC). This collective situational awareness of the overall threat landscape enables the MS-ISAC to better assist all SLTT with threat and migration resources and to use its trusted relationships with SLTTs to ensure a two-way, free flow of information between the SLTTs and DHS.

Additional, dedicated funding for the MS-ISAC would allow for expansion of the ‘Albert’ Sensors program or development of new tools like “Malicious Domain Blocking and Reporting” (MDBR)  and ‘Endpoint Detection and Response’ (EDR) —critical tools in the fight against cyberattacks of all kinds. Albert is an Intrusion Detection System (IDS) that uses open source software combined with the expertise of the MS-ISAC SOC to provide enhanced monitoring capabilities and notifications of malicious activity. The Albert threat detection system is an extremely effective and enormously cost-efficient investment in protecting SLTT organizations against malware threats, including ransomware. The average time from an Albert threat detection to the SOC notifying the affected organization is five minutes or less. The additional funding would also allow for development and broad deployment to SLTT governments of solutions for SLTTs not covered by Albert such as MDBR and EDR, including protection and detection capabilities as we transition to increased use of encryption in support of the recent Presidential cyber security executive order. Additional dedicated funding for the MS-ISAC would allow for the long-term planning and scaling required so that these systems can be fully implemented for improved coordination and threat response across the whole-of-government.

CIS is also the home of the Critical Security Controls, the set of internationally recognized prioritized actions that form the foundation of basic cyber hygiene--network defense that has been demonstrated to prevent 80-90% of all known pervasive and dangerous cyberattacks. The Controls act as a blueprint to improve cybersecurity by identifying specific actions to be done in priority order. In order to quickly and more directly fight cyberattacks on our nation’s 16 critical infrastructure sectors, CIS would organize and coordinate a public-private partnership cyber defense initiative for DHS’s Cybersecurity Infrastructure and Security Agency (CISA) based on the CIS Controls.

Increased, dedicated funding for the MS-ISAC would be one of the most cost-effective and resource-efficient tools that our local governments have against the outsized threat we face today and we urge your support of this request

Thank you for your consideration.