The United States is moving ahead with efforts to harden its critical infrastructure against cyberattacks by foreign countries and criminal actors.
President Donald Trump Friday signed legislation creating the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security. The new agency is charged with helping protect a variety of vital systems, from the nation's electric grid to its election infrastructure.
"This is so important, what we're doing right now," Trump said at a White House ceremony attended by Homeland Security Secretary Kirstjen Nielsen and lawmakers.
"Every day, America's adversaries are testing our cyber defenses," the president said. "They attempt to gain access to our critical infrastructure, exploit our great companies, and undermine our entire way of life. And we can't let that happen."
Officials said the newly created agency will streamline efforts already underway in a number of areas and also do more to reach out to private companies and industries, which form a large part of the nation's technical and physical backbone.
Many said the creation of the new agency was long overdue.
"The threats we face today are organic and our adversaries are evolving," Nielsen said later Friday, praising the creation of the new agency in a speech to the U.S. Chamber of Commerce in Washington.
"Nation states such as Russia, North Korea, Iran and China are playing the long game to degrade our critical infrastructure," she warned. "The risks of cascading disruptions across [economic and industrial] sectors and continents is not hypothetical."
Homeland Security officials point to the efforts to secure the recent midterm elections as an example of what can be done with a more focused approach and more outreach to states and private companies.
Despite concerns foreign adversaries like Russia might try to penetrate U.S. election systems and voter databases, officials say if there were any attacks, they were unsuccessful."There were no indications at the time of any foreign compromises of election equipment that would disrupt the ability to cast or count a vote. We haven't changed that assessment," said CISA Director Chris Krebs, who helped oversee election preparations.
One of the first priorities of the new agency will be to identify the most critical, and most vulnerable, functions, and find ways to best protect them.
And that, Krebs said, could take some time.
"Just because we got this name and just because we've streamlined the organization through a number of steps, doesn't mean that all of a sudden we come in cyber guns blazing," he said.
Krebs is giving the new agency two years to get to full operational capability, realizing a lot will be dependent upon cooperation from private companies, who until now have often been hesitant to cooperate with the government, and especially with government agencies involved, at any level, in law enforcement.
But CISA is hopeful that is about to change and that the private sector is now ready and willing to share information on cyberattacks and other threats.
"One of the greatest incentives of sharing information with us is that they're getting value back," CISA Assistant Director for Cybersecurity Jeanette Manfra said. "It's not just that they're shoving information into the government black box and they don't get any results from it."
Officials said the new agency will also be taking steps to ensure that any information shared by private sector organizations or companies will remain confidential, even as it is used to track potential attacks and develop defenses and responses.
The officials said they also expect the U.S. will be in a better position to respond to any attacks due to improved coordination with the Defense Department, including consultations about the potential for blowback (repercussions of a counterattack) should the U.S. deem it necessary to respond in kind to a cyberattack.
"We are not to going to accept the current threat environment. We are not to going to accept Russian government actors continuing to prod, probe and try to penetrate our critical infrastructure," Krebs told business leaders Friday. "We are not going to tolerate the Chinese government and their cyber actors taking our intellectual property."
"Same goes for the North Koreans. Same goes for the Iranians," he added.
