Cybersecurity

House approves legislation to send cybersecurity resources to state, local governments

The House on Wednesday unanimously approved legislation that would send cybersecurity resources to state and local governments, which have been increasingly targeted by hackers during the past two years. 

The State and Local Cybersecurity Improvement Act, which has bipartisan support, would create a $400 million grant program at the Department of Homeland Security to provide financial resources for state and local governments to defend against and respond to cyberattacks. 

The bill would also require DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to develop a strategy to shore up the cybersecurity of state, local, territorial and tribal governments. 

The bill now moves to the Senate, where timing on a vote is unclear. 

The legislation is sponsored by Reps. Cedric Richmond (D-La.) and Lauren Underwood (D-Ill.), the former and current chairs respectively of the House Homeland Security Committee’s cybersecurity subcommittee,  and John Katko (R-N.Y.), the ranking member of the subcommittee.

Other sponsors include House Homeland Security Chairman Bennie Thompson (D-Miss.), House Foreign Affairs Committee ranking member Michael McCaul (R-Texas), Reps. Derek Kilmer (D-Wash.) and Dutch Ruppersberger (D-Md.), and a dozen other bipartisan members. 

Richmond pointed to cyberattacks on city governments in Atlanta and New York, along with networks in his district in Louisiana, in calling for the defense of state and local networks. 

“For too long, the Federal Government has ignored a growing national security problem — vulnerable state and local networks,” Richmond said in a statement. 

Underwood, who took over as chair of the cybersecurity subcommittee last week after Katko stepped down to serve on the House Ways and Means Committee, said Wednesday that as chair she planned to “make sure the federal government brings all of its resources to bear to help defend state and local networks against cyberattacks.”

Katko also referenced recent ransomware attacks on city systems in New York in emphasizing that state and local governments need cybersecurity support. 

“To ensure our community is protected against crippling, and often costly cyberattacks, I will continue working with Republicans and Democrats to pass common sense legislation that addresses our nation’s cyber vulnerabilities,” Katko said in a statement. 

Cyber threats have become an increasingly serious challenge for state and local governments both before and during the COVID-19 pandemic. 

Both the city governments of New Orleans and Baltimore were brought to their knees by ransomware attacks over the past year, while a coordinated attack crippled systems in almost two dozen Texas towns last year. 

School districts in particular have been hit hard over the past month as students returned to mostly online classes, with districts in Miami and Fairfax County, Va., facing class disruptions due to cyberattacks. 

The legislation approved Wednesday is not the first bill to be floated to address state and local cybersecurity concerns. 

A bipartisan bill introduced in the House and Senate last month would provide $28 billion in federal aid to state and local governments to help shore up their IT infrastructure in the midst of the COVID-19 pandemic. 

State and local officials have begged Congress to appropriate funds for technology modernization and cybersecurity relief during the ongoing pandemic, with a coalition of groups requesting in April that Congress create a “dedicated cybersecurity program” to address new challenges. 

“State and local governments should not have to fend for themselves as foreign adversaries and cyber criminals have targeted their networks,” Thompson, whose committee has jurisdiction over many cybersecurity issues, said in a statement. “Making smart investments in cybersecurity at the State and local level is not only fiscally responsible, it is a national security issue.”