Nielsen announces new efforts to defend against cyberattacks

Federal security officials have created a new level of defense aimed at protecting banks, energy companies and other structures from massive cyberhacking attempts, Department of Homeland Security Secretary Kirstjen Nielsen announced Tuesday in New York.

The announcement of the National Risk Management Center, a physical space that was created inside DHS, was made as Nielsen called out Russia for meddling in the 2016 election in her most forceful public comments to date on the matter. But she still stopped short of endorsing a key U.S. intelligence finding that Russia interfered with the aim of helping President Donald Trump’s candidacy.

“Let me be clear: Our intelligence community has it right. It was the Russians. We know that. They know that. It was directed from the highest levels. And we cannot and will not allow that to happen again,” Nielsen said.

The DHS chief said cyberthreats have now surpassed physical threats in endangering the U.S.

“Don’t get me wrong, terrorists and criminals still pose a serious threat to our lives, and they are plotting against Americans daily. However, the ‘attack surface’ in cyberspace is now broader and under more frequent assault,” Nielsen said.

The National Risk Management Center is expected to focus on financial services, telecommunications and energy sectors, Nielsen said at the National Cybersecurity Summit in Lower Manhattan.

“The center will bring together government experts with willing industry partners so that they can influence how we support them,” Nielsen said. “Our goal is to simplify the process, to provide a single point of access to the full range of government activities to defend against cyberthreats.”

The new center will include what Nielsen called 90-day “sprints” starting immediately to identify key priorities and to conduct joint risk assessments. Cross-sector exercises will also start this fall.

The plan is to work with federal partners in the private sector to help identify, assess and prioritize risks to protect national critical infrastructure, Nielsen said.

Government officials were spurred to create the new measure as security officials have warned that cyberattacks are ongoing and that a hack of key infrastructure could have disastrous effects.

“Although no actual votes were changed in 2016 — let me be clear in this — any attempt to interfere in our elections is a direct attack on our democracy, it is unacceptable, and it will not be tolerated,” Nielsen said.

Earlier this month, Nielsen warned state officials that the threat from Russia to target elections has not gone away. Nielsen, along with others such as Deputy Attorney General Rod Rosenstein, who also said cyberattacks from Russia have not stopped, made the remarks at a security conference in Aspen, Colorado.

Nielsen, who spent her morning meeting with other security industry leaders before her presentation at the security summit, referenced other attacks, such as North Korea’s WannaCry ransomware that spread to more than 150 countries. She also referenced a single breach where cybercriminals hacked a major credit bureau.

To battle this, Nielsen said they will attack offenders diplomatically, financially and legally, as well as using other strategies.

“The United States will no longer tolerate your interference,” Nielsen warned. “You will be exposed. And you will pay a high price.”