Russia claims: What is the Cyber ​​Security and Infrastructure Security Agency (CISA)?

The Federal Agency for Cyber ​​Security and Infrastructure Security (CISA) recently reported widespread piracy involving government agencies and private companies – an apparent Russia-related attack that could have gone unreported for up to nine months.

The hack compromised federal agencies and “critical infrastructure” in a sophisticated attack that was difficult to detect and will be difficult to undo, CISA announced on Thursday in an unusual warning message.

Established under President Trump in 2018, CISA operates under the supervision of the Department of Homeland Security (DHS).

Its activities are a continuation of the National Directorate of Protection and Programs (NPPD). CISA was established when Trump signed the Cybersecurity and Infrastructure Agency Act.

CISA’s mission is to “build national cyber attack capability” and work with the federal government to provide cybersecurity tools, incident response services and assessment capabilities to protect .gov networks that support key operations. of partner departments and agencies. . “

CISA is an independent arm within DHS, in the same way as the Secret Service or the Federal Emergency Management Agency (FEMA).


Christopher Krebs was the first director of CISA. He was ousted by President Donald Trump in November.

Like the NPPD, CISA oversees the Federal Protection Service (FPS), the Office for Cyber ​​Analysis and Infrastructure (OCIA), the Office for Cyber ​​Security and Communications (OC&C), and the Office for Infrastructure Protection (OIP).

In an effort to reduce CISA’s backlog in cybersecurity vulnerability assessments, a Senate committee recently proposed giving CISA an additional $ 59 million in the 2021 fiscal year budget.

For the 2020 elections, the agency conducted 131 remote penetration tests and 59 on-the-spot assessments of risks and vulnerability to local electoral infrastructure, and about 263 election officials across the country receive weekly vulnerability scan reports. He also helped train thousands of election officials through online security courses.

This month, CISA reported a massive, ongoing hacking campaign that is believed to have begun in March and is the work of Russia. The Department of Energy, the State Department, the Department of Defense and DHS reported that they were compromised. These government branches join previous assessments confirming that the Treasury and Commerce Departments have been violated in what investigators believe is a massive Russian intelligence operation.

On Sunday, CISA announced the intrusion involving SolarWinds Orion products, which is now under FBI investigation, and instructed all federal agencies to disconnect from the violated network management software.


SolarWinds’ client list spans approximately 300,000 organizations – including other highly sensitive federal agencies, the Department of Justice and the Centers for Disease Control (CDC), and thousands of private companies.

Nearly all Fortune 500 companies use SolarWinds products to scan their networks, including major defense contractors such as Boeing, according to The New York Times.

Russia has denied involvement in the campaign.

Click here for the FOX NEWS app

However, preliminary analyzes of the attacks suspect that the sophistication of the attacks lends itself to the work of the Russian Foreign Intelligence Service (SVR – the intelligence wing that succeeded the former Soviet secret police, KGB). The belief that SVR is behind the attacks stems from the fact that hackers are particularly judicious in extracting data from certain targets.

Hollie McKay of Fox News contributed to this report.