As the nation's risk advisor, the Cybersecurity and Infrastructure Security Agency (CISA) brings our partners in industry and the full power of the federal government together to improve American cyber and infrastructure security.
Since the beginning of the Coronavirus threat, also known as COVID-19, CISA has been monitoring the evolving virus closely, taking part in interagency and industry coordination calls, and working with critical infrastructure partners to prepare for possible disruptions to critical infrastructure.
CISA continues to work closely with federal partners to prepare the nation for possible impacts of a COVID-19 outbreak. This whole-of-nation effort is led by Health and Human Services through the Centers for Disease Control, with all other federal agencies, including CISA, in supporting roles.
CISA Hard at Work
Do you know how much critical work the men and women of the Cybersecurity and Infrastructure Security Agency (CISA) are doing behind the scenes to keep America safe? Acting Secretary Chad Wolf highlights the incredible efforts these DHS employees lead every day to protect the nation’s critical infrastructure and the homeland.
Critical Infrastructure
Functioning critical infrastructure is particularly important during the COVID-19 response for both public health and safety as well as community well-being. Certain critical infrastructure industries have a special responsibility to continue operations during these unprecedented times.
This guidance and accompanying list are intended to support state, local, and industry partners in identifying the critical infrastructure sectors, and the essential workers needed to maintain the services and functions Americans depend on daily, as well as the ability to operate resiliently during the COVID-19 pandemic response.
This document also provides guidance to state, local, tribal, and territorial jurisdictions and the private sector on defining essential critical infrastructure workers. Promoting the ability of these workers to continue working during periods of community restriction, access management, social distancing, or closure orders/directives is crucial to community resilience and continuity of essential functions.
- May 13, 2020: CISA-FBI Joint Announcement on PRC Targeting of COVID-19 Research Organizations | CISA
- May 13, 2020: FBI-CISA PSA PRC Targeting of COVID-19 Research Organizations | CISA
- April 17, 2020: CISA Releases Version 3.0 of Guidance on Essential Critical Infrastructure Workers During COVID-19 | CISA
- April 15, 2020: Connecting Americans to Coronavirus Information Online | Whitehouse.gov
- April 8, 2020: Interim Guidance for Implementing Safety Practices for Critical Infrastructure Workers Who May Have Had Exposure to a Person with Suspected or Con firmed COVID-19 | CISA
- April 8, 2020: TIC 3.0 Interim Telework Guidance (This link is no longer valid.) | CISA
- April 8, 2020: Essential Critical Workers: Do's and Don'ts | CISA
- Identifying Critical Infrastructure During COVID-19 | CISA
- March 28, 2020: Guidance on the Essential Critical Infrastructure Workforce | CISA
- March 19, 2020: CISA Releases Guidance on Essential Critical Infrastructure Workers During COVID-19 | CISA
Cybersecurity
The CISA Insights: Risk Management for Novel Coronavirus (COVID-19) provides executives a tool to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread of COVID-19.
On March 6, 2020 CISA released an alert reminding individuals to remain vigilant for scams related to COVID-19. Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
On March 13, 2020, CISA released an alert encouraging organizations to adopt a heightened state of cybersecurity urging organizations to adopt a heightened state of cybersecurity when considering alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to connect employees to an organization’s information technology (IT) network.
Contact CISA to report incidents, phishing, malware, and other cybersecurity concerns.
- August 12, 2020: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails | CISA.gov
- July 16, 2020: Malicious Activity Targeting COVID-19 Research, Vaccine Development | CISA.gov
- May 21, 2020: Avoid Scams Related to Economic Payments, COVID-19 | CISA
- May 21, 2020: CISA, IRS, USSS, and Treasury Release Joint Alert on Scams Related to Coronavirus Economic Impact Payments | CISA
- May 13, 2020: Secure Video Conferencing For Schools | CISA
- May 5, 2020: Alert: APT Groups Target Healthcare and Essential Services (https://us-cert.cisa.gov/ncas/alerts/AA20126A, link no longer valid) | CISA.gov
- May 5, 2020: COVID-19 Cyber Threat Exploitation | CISA.gov
- April 8, 2020: UK and US Security Agencies Issue COVID-19 Cyber Threat Update | CISA
- Risk Management for Novel Coronavirus (COVID-19) | CISA
- March 13, 2020: Enterprise VPN Security | CISA
- March 6, 2020: Defending Against COVID-19 Cyber Scams | CISA