What is the DHS Cyber Hunt and Incident Response Teams Act?

On September 24th, 2019, Senate Bill S.315 aka the “DHS Cyber Hunt and Incident Response Teams Act of 2019” was passed unanimously. The legislation seeks to amend the Homeland Security Act of 2002, authorizing DHS’ National Cybersecurity and Communications Integration Center (NCCIC) to permanently operate cyber hunt and incident response teams that can aid federal and non-federal entities in the event of a cyberattack, such as a ransomware infection. This will allow the establishment of teams specifically dedicated to helping agencies find threats and recover from any serious cybersecurity incident, not just ransomware attacks. One of the more important nuances here is the fact that the new measure authorizes DHS to bring in private sector security experts to join the hunt teams, as needed.

“As cyber threats become increasingly common, it is crucial that everyone from the federal government to local governments like Strafford County have the resources and support that they need to strengthen their cybersecurity. This bipartisan legislation will allow the best minds in cybersecurity to work together to better protect our digital infrastructure and to respond to attacks. I am pleased that this commonsense bill passed the Senate, and I urge my colleagues in the House to pass it without delay.”

Senator Maggie Hassan, New Hampshire

Government agencies, especially at the state and local levels, have become commonly targeted by ransomware attacks in the last few years. Some municipalities have elected to pay the ransom, while others have opted to restore their systems from backups or try to recover in other ways. The unfortunate part is the difficulty or flat out inability for the state and local agencies to be able to help deal with these types of attacks. Unfortunately, these smaller agencies lack the budget and technical expertise to be able to help respond effectively.

“Our cyber response teams play an important role in protecting against cyber threats, reducing cybersecurity risks, and helping to get our cyber infrastructure back up and running after an attack occurs. I am glad the Senate passed our bipartisan legislation and I hope we send it to the president’s desk soon so that we can strengthen our response efforts in the event of a cyberattack.” 

Senator Rob Portman, Ohio

While this appears to be a step in the right direction, it still feels like the real needle mover would be to assist government agencies before they are actually attacked. This bill could be a stepping stone to having something done in the future that would allow federal resources to assist in the prevention of attacks, as opposed to just responding to following a successful attack, but only time will tell.