Skip to main content

Lawmakers Say Overhaul Needed to Protect Fed Agencies from Foreign Hacks

March 10, 2021

Lawmakers on Capitol Hill are demanding the federal government beef up cybersecurity, pointing to a series of attacks from hostile nations and the Department of Homeland Security’s current inability to detect and deter complex cyberattacks.

The calls for a renewed focus on cybersecurity come as the federal government reels from the "SolarWinds" hack, in which foreign intruders gained access to vast swathes of federal agency communications and records over the course of 2020. Intelligence agencies are still working to identify the scope of the damage but believe Russian intelligence likely accessed emails from the Treasury Department, the State Department, the National Nuclear Security Administration, and even DHS itself.

In its aftermath, researchers and lawmakers worry that foreign adversaries have the upper hand on the federal government, and that programs including DHS’s EINSTEIN, the first line of defense, are unfit for modern cyberwarfare.

Initially developed in 2003, EINSTEIN is an intrusion detection system that monitors the internet traffic of executive branch agencies to spot bad actors. EINSTEIN is operated by the Cybersecurity and Infrastructure Security Agency (CISA), which is housed within Homeland Security. CISA describes EINSTEIN as an "early warning system" that offers "near real-time identification of malicious cyber activity, and prevention of that malicious cyber activity."

In a statement given to the Washington Free Beacon, Rep. John Katko (R., N.Y.), ranking member on the House Homeland Security Committee, said, "It’s no longer just as simple as telling people to ‘patch their stuff,’" and called for a further centralization of cybersecurity work within CISA. Katko has previously endorsed tapping funds for anti-terrorism infrastructure defenses already available to cities and states for cybersecurity purposes.

...

Rep. Andrew Garbarino (R., N.Y.), the ranking member on the House subcommittee for cybersecurity, emphasized that the need for strong cybersecurity now cuts across nearly all sectors of American life and therefore requires a whole-of-government approach.

"In today's hyper-connected world, cybersecurity is national security," Garbarino said. "Cyber threats are now more prolific than at any time in our history, as is the indiscriminate targeting of the federal government, private sector, state and locals, and private citizens."

...

The Biden administration did not return a request for comment on its timeline to nominate a CISA director or other key cybersecurity appointments.