House Dems seek $400 million to help states deal with cyber threats during COVID-19

The request for new funding comes as state and local governments face an spike in ransomware attacks.

cybersecurity in cities (shutterstock.com)
 

Four key House Democrats are urging Speaker Nancy Pelosi (D-Calif.) and Minority Leader Kevin McCarthy (R-Calif.) to include millions in new cybersecurity funding for state and local governments in the next planned coronavirus relief package being negotiated by Congress.

In an April 13 letter, House Homeland Security Committee Chair Bennie Thompson (D-Miss.), Cybersecurity and Infrastructure Protection Subcommittee Chair Cedric Richmond (D-La.) and Reps. Dutch Ruppersberger (D-Md.) and Derek Kilmer (D-Wash.) ask that leaders carve out $400 million in dedicated funding to help state and local governments deal with an increase in ransomware, phishing and other cyberattacks during the coronavirus pandemic.

"State and local government employees are working hard to ensure continuity of operations. However, working from home, they are more susceptible to phishing, malware, and ransomware attacks," the members wrote. "Many State and local employees are using personal, unvetted devices, so employers have no visibility on endpoints. These devices might be unpatched, rely on an unsupported operating system, or lack strong endpoint protection. Many may not be using a virtual private network (VPN). Additionally, the rapid development and scaling up of potentially vulnerable, unvetted applications to facilitate online services presents new risks."

A joint alert sent out Apr. 8 by the U.S. Cybersecurity and Infrastructure Security Agency and the U.K. National Cybersecurity Centre Cybersecurity warned that nation states and criminal groups are exploiting the current crisis to carry out ransomware and other malware attacks.

Experts and threat intelligence firms have also cautioned that hackers are targeting hospitals, public health organizations and other health care facilities in addition to local governments while they're overwhelmed by the pandemic. Others have noted that nation states and criminal organizations are piggybacking off public interest in COVID-19 to craft phishing lures, conduct espionage and promote favorable narratives through information operations.

The request for new funding comes as state and local governments were already dealing with an unprecedented spike in ransomware attacks. In February, the House Homeland Security Committee reported favorably on similar legislation sponsored by Richmond and 17 other House Democrats and Republicans.

"The American public is counting on State and local jurisdictions to implement and deliver COVID19 relief packages approved by Congress," the members wrote. "Any disruption in the delivery of services would only compound the strain on State and local governments struggling to effectively serve their citizens in the midst of a global pandemic. We cannot let that happen."

POLITICO first reported on the letter.