Dear Governors McAuliffe and Sandoval:
I write today regarding the recent cyberattacks on American political organizations and state election systems and to make sure you are aware of the valuable tools that the Department of Homeland Security (DHS) has to offer to address these threats to our country. I ask for your assistance with informing your fellow governors about these important tools that can be made available upon the request of any state.
As a former Governor of Delaware, former Chairman of the National Governors Association (NGA), and former chair of the NGA’s Center for Best Practices, I greatly value the importance of the great work done by the NGA and the states. I am especially encouraged by the leading role the Center for Best Practices has taken with respect to cybersecurity issues and the commendable work you have done to enhance the state-federal partnership to address cybersecurity challenges.[1] As the cyber threat our country faces grows and evolves, it is critically important that we continue to strengthen the ongoing partnership between the NGA and the federal government.
As has been publicly reported, U.S. intelligence and law enforcement officials are reviewing whether Russia is engaged in active measures to influence the American political process, including cyberattacks on election systems. Last month, for example, the Federal Bureau of Investigation (FBI) issued an alert about unknown actors targeting state election databases.[2] And there is strong evidence that Russia has sought to interfere with foreign states’ election processes in the past in order to serve its own interests.
Although these reports are troubling, I believe the American public should have confidence in our current election systems and the efforts of state and local governments to make the risk of a successful cyberattack remote. With that said, the FBI and DHS are still encouraging state and local governments to take appropriate additional precautions to enhance the security of their election-related computer systems. To this end, there are several tools and resources that are available to states that wish to voluntarily seek more assistance.
DHS, for example, offers cyber hygiene assessments to identify vulnerabilities and then provides recommendations on remediating the vulnerabilities as well as more in-depth, risk, and vulnerability technical assessments. DHS also makes available the services of its 24/7 cyber operations center, known as the National Cybersecurity and Communication Integration Center, as well as regional professionals across the country to help state, local, tribal and territorial governments. States interested in these services can request assistance through DHS’s State, Local, Tribal and Territorial Cybersecurity Engagement program by emailing SLTTCyber@hq.dhs.gov.
In addition, DHS also partners with the Multi-State Information Sharing and Analysis Center (MS-ISAC) to help states manage cyber risk and share information. As you are likely aware, the MS-ISAC is another incredibly valuable resource for states and local governments and offers many services, including real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation, and incident response.
When I served as Governor from 1993 to 2001, my fellow governors and I did not have to worry about the many of the kind of cybersecurity challenges faced by states today. While I remain confident in our election systems today and in the numerous security precautions already taken by states, I respectfully ask that you continue to encourage your fellow governors to review the cybersecurity of their election systems and to take advantage of the information and voluntary assistance provided by DHS and other federal agencies. While I fully appreciate a state’s responsibility to administer its own election systems, I believe that we must continue to work together to protect the values and institutions that we cherish so much in our great country.
With best personal regards, I am
Sincerely yours,
Tom Carper
Ranking Member
cc: The Honorable Ron Johnson
Chairman
The Honorable Denise Merrill
Connecticut Secretary of State
President, National Association of Secretaries of State
Source: U.S. Senate Committee on Homeland Security and Governmental Affairs