Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs told the nation’s mayors this week that the Federal government needs to ensure that state and local governments have the resources needed to combat growing cybersecurity concerns, and said that heightened security threats from Iran and elsewhere may help provide governments with the leverage to get that done.
Speaking at a U.S. Conference of Mayors event on Jan. 22, Krebs talked about general cyber threats to SLGs, and also possible threats from Iranian hackers.
State and local governments have faced a barrage of cybersecurity assaults in recent months, with Louisiana (with two attacks), New Orleans, Baltimore, Flagstaff, Ariz., Texas, Syracuse, N.Y., Lake City, Fla., Pensacola, Fla., all on the victims list. Krebs reinforced that those kind of attacks are “happening on a daily basis,” and told the mayors that “if you have not already experienced it, it’s really a question of when.”
In the wake of increased tensions with Iran following the Jan. 3 killing of Iranian Maj. Gen. Qassim Soleimani in a U.S. air strike, CISA issued notices about potential retaliatory cybersecurity actions by Iran. Those notices were sent to CISA’s critical-infrastructure partners including state and local governments, and the agency held multiple conference calls about the threat that Krebs said drew more than 5,000 participants each.
Those heightened risks, Krebs said, can also be viewed as an opportunity to create support for greater government security efforts.
“While it may look like this thing has cooled off for the time being, let’s take advantage of this moment,” Krebs said. He said it was important to “take advantage of this heightened awareness” among state and local officials to security risks, whether those may emanate from Iran or other sources.
Despite an apparent de-escalation of the Iranian threat, Krebs said that more generalized threats to state and local government security aren’t going away. “Even if the Iranian threat is gone, you know what’s still out there? Ransomware – that’s something every single person in this room needs to be thinking about and thinking about intimately,” he said.
Krebs also addressed what U.S. mayors can and cannot expect from CISA. He said the agency isn’t going to be the one that comes in and “rebuilds your network,” but that it can “be that trusted advisor that doesn’t have a financial stake” in what state and local governments do.
And he stressed the importance of providing Federal resources to help state and local officials. He views CISA as having three main roles: Understand, Share, and Act (USA). CISA, he said, wants to understand as much as possible about a given cybersecurity risk, share that information with all involved in the risk, and provide trainings, assessments, and other resources. “The way I think about us as an agency, I see ourselves as the nation’s risk advisor,” Krebs said.