U.S. cyber officials testifying before a House subcommittee on Tuesday told lawmakers that they’ve made “significant progress” in improving and securing federal networks from cyber threats.
Christopher DeRusha, the deputy national cyber director in the Executive Office of the President, said although officials are not yet at the level they’re aiming to be, they have implemented and prioritized on security measures that have the most impact on securing federal networks.
“We’ve made significant progress on some security measures that have immediate impact like multi-factor authentication and encryption,” DeRusha said.
DeRusha was responding to a question raised by Rep. Yvette Clarke (D-N.Y.), the chairwoman of a House Homeland Security subpanel on cybersecurity. She asked whether federal networks are more secure at the moment following President Biden’s executive order on cybersecurity initiated last year.
The order was established to improve the nation’s cybersecurity by protecting federal government networks and critical infrastructure. The mandate introduced several key initiatives, including facilitating threat information sharing between the government and the private sector, modernizing federal government cybersecurity standards and improving software supply chain security, among others.
The directive followed several major cyberattacks, including SolarWinds and Colonial Pipeline, that disrupted critical sectors. In the SolarWinds hack, which occurred in 2020, Russian state-sponsored hackers exploited vulnerabilities in software updates from the tech company to penetrate the networks of nine federal agencies and at least 100 private sector organizations for nearly a year.
Meanwhile, in May of 2021, the Colonial Pipeline was hit by a disruptive ransomware attack forcing it to shut down operations for nearly a week. The incident caused gas shortages in several states as fuel prices spiked.
Since these attacks, the federal government and the private sector have started investing more in cybersecurity including passing legislations aimed to address cyber vulnerabilities.
“We’ve got a lot of work ahead, but I really feel very good about the progress we’re making and the path we put ourselves on,” DeRusha said.
Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), who echoed the same sentiment, said that following the SolarWinds hack, his agency has made “tremendous progress” across each initiative the order focuses on.
“We are gaining extraordinary, centralized visibility into threats and risks targeting federal agencies,” Goldstein said.
He added that the agency has rolled out new cybersecurity shared services which has increased its direct support to other federal departments so they can effectively meet CISA’s directive and guidance.
The officials were also asked whether the Biden administration has taken actions to secure the networks of federal agencies in response to the recent Russian cyber threats.
DeRusha said his office has convened with federal chief information officers since November to discuss the threat levels and how to prepare for them.
“It’s something that we’ve really sustained over that period of time with regular communication,” he said.
DeRusha went on to praise measures that CISA has taken, including issuing its “Shields Up” guidance, which consists of steps companies can take to strengthen their cyber defenses, such as implementing multifactor authentication and using encryption.
“They’re sharing that information with the entire federal CIO [Chief Information Officer] and CISO [Chief Information Security Officer] community, ensuring that they have that threat information at their fingertips to prevent any harm that could come our way,” DeRusha said.
Goldstein added that CISA has been gathering information from its partners in the private sector and from those operating in the ground in Ukraine and has been sharing that intel “as quickly as possible” with key partners in the U.S., including federal agencies.
“Even though we have not yet seen the damaging attacks on the homeland that we were so concerned about, we remain in this posture of heightened risks and focused on sharing information as quickly as possible so we can stay ready if those attacks begin to manifest,” Goldstein said.