Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies

"Our government got hacked last year and we didn’t know about it for months,” the DHS chief lamented Wednesday.
U.S. Secretary of Homeland Security Alejandro Mayorkas speaks while visiting a FEMA vaccination center on March 2, 2021 in Philadelphia. (Photo by Mark Makela/Getty Images)

A suspected Russian hacking campaign exposed glaring shortcomings in the U.S. government’s approach to cybersecurity, Homeland Security Secretary Alejandro Mayorkas said Wednesday while promising to harness federal resources to improve public and private-sector defenses.

Mayorkas pledged to improve nearly every major facet of DHS’s cybersecurity work, from helping federal agencies recover from hacks to thwarting them in the first place. Part of that will come through an executive order President Joe Biden is expected to release soon to tighten security requirements for federal agencies and the software vendors that supply them.

“Our government got hacked last year and we didn’t know about it for months,” Mayorkas said at the RSA Conference.

“This incident is one of many that underscores the need for the federal government to modernize cybersecurity defenses and deepen our partnerships,” Mayorkas said, referring to the alleged Russian spying operation exploiting contractor SolarWinds and other vendors that U.S. officials have linked to Russia.


At least nine federal agencies have been breached in the activity, and the attackers reportedly had access to the email account of Mayorkas’ predecessor, Chad Wolf.

Moscow has denied involvement.

In some of his most detailed cybersecurity-related remarks since being sworn in Feb. 2, Mayorkas also expressed alarm at the steady stream of ransomware incidents hampering state and local governments and U.S. businesses during the coronavirus pandemic. He said DHS was drawing up a proposal for a “cyber response and recovery fund” that will help the department deliver resources to state and local governments dealing with hacking incidents.

DHS’s Cybersecurity and Infrastructure Security Agency (CISA) received $650 million in additional funding from the recently enacted coronavirus relief package, but CISA’s backers say the agency needs more resources to help lead the U.S. government’s cybersecurity work.

Mayorkas also announced a series of two-month “sprints,” or initiatives to focus resources on a given threat, that CISA will undertake. Ransomware, industrial control systems security and election security are among those issues covered by the sprints.


As Mayorkas spoke, his department was continuing to deal with the fallout from a second set of major cyber incidents: the widespread exploitation of vulnerabilities in the Microsoft Exchange Server email software.

State and local governments and U.S. businesses around the country use the software, which suspected Chinese hackers, along with criminal gangs, have exploited in recent weeks. CISA on Wednesday ordered federal civilian agencies to run a Microsoft scanning tool to check for signs of compromise from the Exchange Server hacking.

U.S. officials have previously said they weren’t aware of any federal agencies that had been breached in the Exchange Server hacking, but the updated CISA directive shows that the investigation is ongoing.    

Mayorkas, who is the first Latino to be Homeland Security secretary, also put human rights and diversity and inclusion at the center of his cybersecurity agenda.

“Far too often cybersecurity is used as a pretext to infringe on civil liberties and human rights,” Mayorkas said. “At the end of the day, cybersecurity is about people. It is about protecting our way of life and protecting what we hold dear.”


Clarification, April 1, 1:39 p.m. EDT: This story has been updated to clarify the name of the conference that hosted Alejandro Mayorkas.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts