Senate Democrats urge DHS to fund cyber threat information-sharing programs

A group of three Senate Democrats is urging the Department of Homeland Security’s (DHS) cyber agency to help fund cybersecurity threat information-sharing centers involved in election security efforts.

In a letter sent on Monday to Christopher Krebs, the director of DHS’s Cybersecurity and Infrastructure Security Agency, Senate Minority Leader Charles Schumer (D-N.Y.), and Sens. Maggie Hassan (D-N.H.) and Gary Peters (D-Mich.) expressed concerns around the funding level for two information-sharing groups.

Specifically, the senators noted that DHS’s proposed fiscal 2020 budget covers only around 70 percent of the estimated $15 million it would take for the Center for Internet Security to run both the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC).

“Recently, across the nation our cities and states have suffered from debilitating ransomware attacks that are carried out to extort public funds,” the senators wrote. “Local governments – including small towns, counties, and school districts – simply do not have the budgets, the personnel, or the expertise necessary to deploy sophisticated tools in order to defend themselves against this evolving threat environment.”

Both the MS-ISAC and the EI-ISAC work to coordinate the flow of information on cyber threats from the federal government to state, local and territorial groups, helping to cut down on the impact of cyberattacks.

The proposed budget cut would mean a reduction from $15 million to $10.4 million.

The senators cited concerns around the security of elections headed into 2020 as a reason to ensure the information-sharing centers have the funding they require, writing that “the prospect of a ransomware attack against election infrastructure is real and threatens the foundations of our democracy.”

Ransomware attacks have been a major cybersecurity threat that has increased this year, with school districts and local and state governments across the nation being impacted by malicious groups or actors, who hack into systems, encrypt them and then demand payment before allowing the user access again.

Federal agencies have warned of the threat of ransomware attacks on election infrastructure in recent months, with Anne Neuberger, the director of the cybersecurity directorate at the National Security Agency, saying at an event in September that ransomware attacks could pose a “key concern” for elections.

In light of these concerns, the senators wrote to Krebs that they hoped “you will work with us to address this urgent concern and ensure that DHS provides MS-ISAC and EI-ISAC with the resources necessary to continue their important mission.”