The $1.5 trillion omnibus federal spending bill that’s headed for President Joe Biden’s desk this weekend includes a significant boost for the Multi-State Information Sharing and Analysis Center, the clearinghouse for cybersecurity intelligence and services that supports state and local governments.
The bill, which cleared the Senate late Thursday night, directs another $11 million toward the MS-ISAC, bringing the federal government’s total contribution toward the program to $38 million for the current fiscal year. The funding increase was proposed March 2 by Senate Majority Leader Chuck Schumer and Sen. Kirsten Gillibrand, both Democrats of New York, where the Center for Internet Security — which operates the MS-ISAC — is located.
Schumer and Gillibrand said last week they were requesting the additional funding amid an increased threat of cyberattacks emanating from Russia in retaliation for economic sanctions imposed on that country over its invasion of Ukraine.
“Protecting our government, our businesses, critical infrastructure, and our utilities from cyberattack has assumed even greater importance with Putin’s unjustified aggression in Ukraine and recklessly threatening cyberattacks throughout the world,” Schumer said in a press release Friday.
The MS-ISAC, which was launched in 2004, now enrolls more than 12,500 state and local governments, agencies, school districts and other public-sector entities. It also includes members of the Elections Infrastructure ISAC, which provides support to state and local election administrators. In addition to sharing threat intelligence, the MS-ISAC also provides its member a range of technical services, including network monitoring, malicious domain blocking and endpoint protection.
Since after the start of the war in Ukraine, the Conti ransomware gang — which has attacked more than 400 U.S. targets since 2020, including several local governments, and has potential ties to Russian intelligence — publicly swore it would support the Kremlin by using “all possible resources to strike back at the critical infrastructures” of an “enemy.”
John Gilligan, the Center for Internet Security’s CEO, told StateScoop on Friday that since the start of hostilities, the MS-ISAC had not picked up any increase in malicious activity from Russian sources directed at its members, but said the organization is practicing “heightened awareness.”
“We know Russia is capable and we want to be prepared,” he said. “If Russia wants to go after the U.S. and allied supporters of Ukraine, we know Russia can unleash a concerted effort.”
Gilligan said the additional funding will largely be used to expand the MS-ISAC’s technical services — like the malicious domain blocking and endpoint protection — and allow it to pursue new offerings, like an email monitoring service, which is about to enter a pilot phase, aimed at further reducing ransomware attempts.
“Increasingly what we’ve been doing is in addition to expanding our training and best practices efforts and threat reporting and support, we’ve been expanding the types of services we offer,” he said.
The spending plan Congress approved this week also includes a number of other cybersecurity-focused items, including new requirements for critical-infrastructure operators to report major incidents and ransomware payments to the Cybersecurity and Infrastructure Security Agency. The bill also includes an additional $44 million for the FBI to respond to cyber and intelligence threats from Moscow.