Increased connectivity of people and devices to the Internet and to each other has created an ever-expanding attack surface that extends throughout the world and into almost every American home. As a result, cyberspace has become the most active threat domain in the world and the most dynamic threat to the Homeland.
Nation-states and their proxies, transnational criminal organizations, and cyber criminals use sophisticated and malicious tactics to undermine critical infrastructure, steal intellectual property and innovation, engage in espionage, and threaten our democratic institutions. By 2021, cybercrime damages are likely to exceed $6 trillion per year. Moreover, the interconnectivity of critical infrastructure systems raises the possibility of cyber attacks that cause devastating kinetic and non-kinetic effects. As innovation, hyper-connectivity, and digital dependencies all outpace cybersecurity defenses, the warning signs are all present for a potential “cyber 9/11” on the horizon.
Critical infrastructure provides the services that are the backbone of our national and economic security and the health and well-being of all Americans. Cybersecurity threats to critical infrastructure are one of the most significant strategic risks for the United States, threatening our national security, economic prosperity, and public health and safety. In particular, nation-states are targeting critical infrastructure to collect information and gain access to industrial control systems in the energy, nuclear, water, aviation, and critical manufacturing sectors. Additionally, sophisticated nation-state attacks against government and private-sector organizations, critical infrastructure providers, and Internet service providers support espionage, extract intellectual property, maintain persistent access on networks, and potentially lay a foundation for future offensive operations.
Meanwhile, the heightened threat from physical terrorism and violent crime remains, increasingly local and often aimed at places like malls and theaters, stadiums, and schools. Moreover, the advent of hybrid attacks, where adversaries use both physical and electronic means to inflict and compound harm, renders the threat landscape more challenging than ever.
The Department of Homeland Security's cybersecurity and critical infrastructure security responsibilities focus on four goals:
The Federal Government depends on reliable and verifiable information technology systems and computer networks for essential operations. DHS and other federal civilian departments and agencies maintain extensive databases with national security information, personal data on American citizens, proprietary information, and other important information. As a result, malicious cyber attackers target government systems to steal information, disrupt and deny access to information, degrade or destroy critical information systems, or operate a persistent presence capable of tracking information or conducting a future attack.
Serving as the designated federal lead for cybersecurity across the U.S. Government, DHS promotes the adoption of common policies and best practices that are risk-based and responsive to the ever-changing cyber threat environment. Additionally, DHS collaborates with interagency counterparts to deploy capabilities for intrusion detection, unauthorized access prevention, and near real-time cybersecurity risk reports. In deploying these capabilities, DHS prioritizes assessments, security measures, and remediation for systems that could significantly compromise national security, foreign relations, the economy, public confidence, or public health and safety.
Serving as the designated federal lead for cybersecurity across the U.S. Government, DHS promotes the adoption of common policies and best practices that are risk-based and responsive to the ever-changing cyber threat environment. Additionally, DHS collaborates with interagency counterparts to deploy capabilities for intrusion detection, unauthorized access prevention, and near real-time cybersecurity risk reports. In deploying these capabilities, DHS prioritizes assessments, security measures, and remediation for systems that could significantly compromise national security, foreign relations, the economy, public confidence, or public health and safety.
Related DHS Components
Public and private owners and operators manage the vast array of critical infrastructure supporting our economy and communities. These facilities provide national critical functions that are so vital to the United States that their disruption, corruption, or dysfunction would have a debilitating effect on the Nation’s security, economy, and public health and safety. Increasingly, infrastructure owners and operators face new risks and even nation-state adversarial actions. DHS supports owners and operators providing national critical functions by sharing intelligence and information, assisting with incident response, performing vulnerability and risk assessments, investing in the research and development of protective technologies, and providing other technical services to improve the security and resilience of our Nation’s critical infrastructure against all threats. Along with these important initiatives for stakeholders, DHS collaborates with interagency partners to build a common understanding of strategic cyber threats that can empower private sector network defenders, critical infrastructure owners and operators, and government partners to improve resilience and integrity of national critical functions.
Related DHS Components
Infrastructure systems are rapidly evolving to capitalize on new technology and opportunities to enhance their services, and adversaries are constantly evolving to outpace stove-piped defenses. As a result, DHS plays a critical role in bringing government, private sector, and international partners together to advance best practices and collective defenses that promote security and resilience across the United States’ expansive critical infrastructure and the larger cyber ecosystem. DHS leverages a national risk management approach to jointly assess cyber risks, develop plans for specific threats, and implement tailored solutions to protect our critical networks. As critical infrastructure owners and operators address the challenges of today, DHS will also look to the future and leverage feedback from our partners to plan more strategically to match and surpass the pace and innovation of adversaries.
Related DHS Components
As cyberspace increasingly pervades every facet of society, it has provided a new and complex domain for traditional criminal actors to engage in illicit activity that threatens U.S. homeland security. This borderless feature allows transnational criminal organizations and foreign criminal actors to commit cyber intrusions, bank fraud, child exploitation, data breaches, and other computer-enabled crimes without ever entering the United States. The speed of innovation further complicates this threat, since cybersecurity measures are implicitly reactionary. As a result, the United States is relying on law enforcement investigations to complement its defensive capabilities that combat this threat.
Despite diligent efforts by the collective homeland security enterprise, the United States must do more to deter, detect, and identify cyber criminals and bring them to justice. Accordingly, DHS is applying its extensive cyber capabilities to investigate cyber criminals and take decisive actions to shield the American public from the incessant barrage of cybercrime by disrupting and dismantling criminal organizations. In particular, DHS is working to expand multilateral cooperative agreements with international partners to reach cyber criminals from regions outside the United States.