Category: Homeland Security

Source: US Department of Homeland Security

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the United States Postal Inspection Service (USPIS) joined together to release an Election Mail Security Public Service Announcement (PSA) and a training video for election officials on securely and safely handling potential toxic hazards in election mail. The PSA affirms the incredible efforts local and state officials have invested, through the federal government, in ensuring security and integrity of the elections process, and specifically how seriously CISA and USPIS take the security of election related mail. As CISA leads federal efforts to ensure election officials have the resources they need to defend against the range of cyber and physical threats to election infrastructure, USPIS ensures the safe and secure delivery of election mail, and the protection of election officials from potentially dangerous mail.    

“CISA, alongside our federal partners like the US Postal Inspection Service, are committed to helping those on the frontline of our democratic process have the tools and resources necessary to accomplish their incredible mission while staying safe from the range of hazards they may face,” said CISA Director Jen Easterly. “Together we can protect America’s election infrastructure against new and evolving threats and that is our continued goal for Protect 2024 here at CISA.”  

“We have a shared commitment, with our close partner CISA, to ensure the safety of election workers and the security of election mail, in part through the education and empowerment of voters and election officials,” said Chief Postal Inspector Gary Barksdale. “Today’s releases are another way we are delivering on that commitment.”  

Everyone has a part to play when it comes to helping to ensure the safe and secure delivery of election mail. Americans can do the following:   

• Don’t let incoming or outgoing mail sit in your mailbox.  Pick up election mail from your mailbox as soon as its delivered.  
• Don’t leave your mail unattended for extended periods.  
• Return outgoing election mail in your local post office or hand directly to a postal employee 
• Many states have online tracking tools to help track the status of your ballot.  If you believe there’s an issue with the receipt or delivery of your ballot, contact your local election office to verify the status of your ballot prior to contacting USPS.  

To report suspicious mail and election mail-related security or criminal incidents contact USPIS at (877) 876-2455 or you can report election mail crimes at uspis.gov/report. To view the CISA and USPIS PSA and training video, please visit CISA and USPIS Election Mail Security Resources on CISA.gov. and check out #Protect2024 for the latest information regarding election security at CISA. 

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram. 

Source: US Department of Homeland Security

WASHINGTON – On October 22, the U.S. Department of Homeland Security (DHS) held an awards ceremony hosted at DHS headquarters located at St. Elizabeths campus in Southeast Washington, D.C. where 325 employees received a Secretary’s Award in recognition of their outstanding contributions to the Department’s mission. 

“Every single day, with great determination, integrity, and skill, the 268,000 men and women of the Department of Homeland Security ensure the safety and security of the American people,” said Secretary of Homeland Security Alejandro N. Mayorkas. “Thanks to these extraordinary public servants, our shores, harbors, skies, cyberspace, and borders are protected; fentanyl and other deadly drugs are prevented from entering our country; communities are able to recover and rebuild after a natural disaster; the scourges of human trafficking, forced labor, and online exploitation are mitigated; and so much more. The individuals we recognize today with our Department’s highest honor, the Secretary’s Award, reflect the very best of DHS – and in their selfless dedication to mission, the very best of public service.”

The DHS Secretary’s Awards are an annual program that recognizes the extraordinary individual and collective achievements of the workforce. The 325 awardees recognized in today’s ceremony represent the U.S. Customs and Border Protection (CBP), the Cybersecurity and Infrastructure Security Agency (CISA), the DHS Office of Strategy, Policy, and Plans, the DHS Privacy Office, and the U.S. Coast Guard (USCG). 

“In recognizing these outstanding DHS personnel with a Secretary’s Award, we recognize all our talented personnel; the achievements of one are not possible without the contributions of others,” added Secretary Mayorkas. “We also express our appreciation to their families and loved ones; when one serves, the family serves too.”

This year’s award recipients developed and issued policy and procedures associated with a whole-scale transition to a new pay system for TSA; launched a series of coordinated and collaborative initiatives, operations and investigations targeting Transnational Criminal Organizations (TCOs) and national security threats operating and transiting through the Darien Gap region; arrested over 8,000 human smugglers, produced over 5,000 intelligence reports, and seized over $38M USD in real property; ensured over 2,300 vital alerts and warnings were provided to owners and operators of critical infrastructure to protect against cyberattacks; among many other achievements. 

This year, DHS is holding nine Secretary’s Awards ceremonies across the country, honoring over 1,700 employees, the most annual awardees ever. 

Last year, Secretary Mayorkas unveiled 12 priorities for the Department, including a commitment to champion the workforce and transform the employee experience. DHS has the third largest workforce of any federal department, behind the Department of Defense and Department of Veterans Affairs. The Department is home to more than 92,000 sworn law enforcement officers, the greatest number of law enforcement officers of any department in the federal government. DHS has committed to increasing the representation of women in law enforcement or related occupations at DHS to 30% by 2030. Over 54,000 veterans, or nearly 21% of the workforce, continue serving their country by working at DHS. 

DHS operational components interact more frequently on a daily basis with the American public than any other federal department, from travelers moving through air, land, and sea ports of entry, to businesses importing goods into the country, to immigrants applying for services. To learn more about the impact DHS makes every day, visit: DHS.gov/TodayDHSWill.

Last year, DHS improved the efficiency of processing noncitizens at the Southwest Border, deployed across the country to respond to natural disasters, investigated cybercrimes, created a new streamlined process for adjudicating asylum applications, safely and securely resettled nearly 90,000 evacuated Afghans in the United States, provided resources for organizations to enhance their cybersecurity resilience, established a process for Ukrainian nationals seeking refuge, secured the 2022 midterm elections, and demonstrated heroism by acting quickly and courageously to save lives in harrowing circumstances. 

For the full list of awardees, visit  2024 Secretary’s Awards | Homeland Security (dhs.gov). 

Source: US Department of Homeland Security

WASHINGTON – The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued their final four-part joint public service announcement (PSA) today titled “Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During the 2024 U.S. General Election Cycle.” This PSA highlights efforts by foreign actors to spread disinformation in the lead-up to the 2024 U.S. general election with the goal of casting doubt on the integrity of the democratic process and sowing partisan discord. Foreign adversaries are using a variety of sophisticated disinformation campaigns, often leveraging new tools, such as generative artificial intelligence (AI), to craft and spread misleading content. 

“As we approach Election Day, it is important to remember that while elections are political, election security is not. Election security is national security. Our foreign adversaries are looking to attack our democratic process to further their own objectives, and we need the help of all Americans in ensuring they are not successful,” said CISA Senior Advisor Cait Conley.  “There has been incredible effort across local, state and federal governments to ensure the security and integrity of our nation’s election infrastructure. Americans should be confident that their votes will be counted as cast.  They should also know that our foreign adversaries will try to make them believe otherwise. We encourage everyone to remain vigilant, verify the information they consume, and rely on trusted sources like their state and local election officials.” 

The PSA highlights specific examples of tactics we have seen used by Russia and Iran during the 2024 election cycle to target all Americans. These include things from mimicking national level media outlets like the Washington Post and Fox News and creating inauthentic news sites posing as legitimate media organizations to using paid influencers to hide their hand. It is important for voters to critically evaluate information sources, particularly as disinformation campaigns evolve to use AI-generated content. Both agencies urge the American public to rely on trusted information from state and local election officials and to verify claims through multiple reliable sources before sharing them on social media or other platforms. 

For more information on how to protect yourself from disinformation, visit the official websites of the FBI and CISA’s dedicated election security webpage, cisa.gov/Protect2024.  

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram. 

Source: US Department of Homeland Security

Preamble 

Commitment 

Next Step 

Source: US Department of Homeland Security

Source: US Department of Homeland Security

National Security Risks of Artificial Intelligence (AI) 

Countering Foreign Interference 

Lawful Access 

Child Sexual Exploitation and Abuse (CSEA) 

Migration  

Closing 

Source: US Department of Homeland Security

WASHINGTON – On October 15, the U.S. Department of Homeland Security (DHS), through U.S. Immigration and Customs Enforcement (ICE), conducted its second charter removal flight to the People’s Republic of China (PRC) of Chinese nationals this year.  The first large charter removal flight since 2018 was conducted in June in close coordination with the PRC’s National Immigration Administration. This week’s flight demonstrates the Department’s continued commitment to pursuing sustained cooperation with the PRC and other international partners to reduce and deter irregular migration.  

DHS continues to enforce U.S. immigration laws and deliver tough consequences for those who enter unlawfully. This includes swiftly returning those without a legal basis to remain in the United States, while encouraging the use of lawful pathways. On June 4, President Biden issued a Proclamation to temporarily suspend the entry of certain noncitizens across the southern border. As a result, since June 4 the Border Patrol’s encounters have decreased more than 55%, and DHS has operated more than 398 international repatriation flights through the end of August to more than 140 countries—including the PRC. 

“Intending migrants should not believe the lies of smugglers – Chinese nationals without a legal basis to remain in the United States are subject to swift removal,” said Secretary of Homeland Security Alejandro N. Mayorkas. “The Department of Homeland Security will continue to strengthen consequences for individuals unlawfully entering our country and enforce our nation’s laws.”

DHS regularly engages counterparts throughout the hemisphere and around the world to accept repatriations of nationals without a legal basis to remain in the United States and takes other steps to reduce irregular migration; promote safe, lawful, and orderly pathways; and hold transnational criminal networks accountable for abusing our lawful trade and travel systems, and the smuggling and exploitation of vulnerable people. Over the last year, DHS has removed individuals to a range of countries around the world, including Colombia, Ecuador, Peru, Egypt, Mauritania, Senegal, Uzbekistan, India, and the PRC. As a result of these efforts, DHS removed or returned more individuals in FY2024 than any year since FY2010. Efforts to expand removal flights continue.

Source: US Department of Homeland Security

Certain Lebanese nationals will be eligible for DED and TPS, allowing them to work and temporarily remain in the United States

WASHINGTON – The U.S. Department of Homeland Security (DHS) is announcing new actions to provide temporary immigration reprieve to eligible Lebanese nationals currently in the United States and allowing them the opportunity to request work authorization. Included in today’s announcement are details related to the Deferred Enforced Departure (DED) for Lebanese nationals as previously announced in July, and a planned new Temporary Protected Status (TPS) designation for Lebanon.

After consultation with interagency partners, Secretary Mayorkas is announcing a new TPS designation for Lebanon for 18 months due to ongoing armed conflict and extraordinary and temporary conditions in Lebanon that prevent nationals of Lebanon from returning in safety. Those approved for TPS will be able to remain in the country while the United States is in discussions to achieve a diplomatic resolution for lasting stability and security across the Israel-Lebanon border. The designation of Lebanon for TPS will allow Lebanese nationals (and individuals having no nationality who last habitually resided in Lebanon) who have been continuously residing in the United States since October 16, 2024 to file initial applications for TPS, if they are otherwise eligible. Lebanese nationals who entered the United States after October 16, 2024 will not be eligible for TPS. More information about TPS, including how to apply for employment authorization, will be included in a forthcoming Federal Register Notice which DHS intends to publish in the next few weeks. Individuals should not apply for TPS under this designation until this Federal Register Notice publishes.

Today, U.S. Citizenship and Immigration Services (USCIS)also posted a Federal Register Notice establishing procedures for those Lebanese nationals covered by President Biden’s July 26, 2024 grant of Deferred Enforced Departure to apply for Employment Authorization Documents (EADs) that will be valid through January 25, 2026. As described in the Federal Register Notice, eligible Lebanese nationals can apply for an EAD by filing Form I-765, Application for Employment Authorization. USCIS adjudicates each EAD application on a case-by-case basis to determine if an applicant meets all standards and eligibility criteria. More information about DED-based EADs is available on the USCIS website.

DHS is also publishing a Special Student Relief Notice for F-1 nonimmigrant students whose country of citizenship is Lebanon, or individuals having no nationality who last habitually resided in Lebanon, so that eligible students may request employment authorization, work an increased number of hours while school is in session, and reduce their course load while continuing to maintain F-1 status through the DED designation period.

In total, approximately 11,000 Lebanese nationals will likely be eligible for DED and TPS pursuant to these actions. There are also approximately 1,740 F-1 nonimmigrant students from Lebanon in the United States who may be eligible for Special Student Relief. 

Source: US Department of Homeland Security

WASHINGTON – Secretary of Homeland Security Alejandro N. Mayorkas issued the following statement on the Independent Review Panel report released today regarding the July 13, 2024 assassination attempt against former President Trump in Butler, Pennsylvania.

“We are grateful to the members of the bipartisan Independent Review Panel and their staff for their in-depth examination of the security failures that led to the July 13, 2024 assassination attempt on the former President and the loss of life and casualties suffered.  The members of the Independent Review Panel are highly accomplished individuals with extensive security and law enforcement backgrounds, and the U.S. Secret Service’s protection mission will benefit greatly from their recommendations.

“I have reviewed the Independent Review Panel’s report and have met with the Panel members. We will fully consider the Panel’s recommendations and are taking the actions needed to advance the Secret Service’s protection mission.  These actions will be responsive not only to the security failures that led to the July 13, 2024 assassination attempt, but, importantly, to what the Independent Review Panel describes as systemic and foundational issues that underlie those failures.  I commend Acting Director Rowe for his leadership and for proactively undertaking security enhancements, including those informed by the Secret Service’s internal Mission Assurance Review.

“I have the utmost confidence in the men and women of the United States Secret Service.  We are operating in a heightened and dynamic threat environment, and it is their talent, unwavering dedication, and tireless service that ensures the safety and security of their protectees and our nation.”

Following the events of July 13 President Joe Biden directed DHS to conduct an independent security review. On July 21, 2024 Secretary Mayorkas named a bipartisan panel with extensive law enforcement and security experience to conduct a 45-day independent review. The independent review panel of experts from outside of government was comprised of former DHS Secretary Janet Napolitano; the Hon. Mark Filip, a former federal judge and Deputy Attorney General to President George W. Bush; Ms. Frances Townsend, former Homeland Security Advisor to President George W. Bush; and Chief David Mitchell, the former superintendent of Maryland State Police and former Secretary of the Department of Public Safety and Homeland Security for the State of Delaware.

Source: US Department of Homeland Security

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released the Product Security Bad Practices for public comment today. This catalog outlines practices that are deemed exceptionally risky and provides recommendations for software manufacturers to mitigate these risks. It urges software manufacturers to avoid these bad practices, especially those who produce software used in service of critical infrastructure or national critical functions (NCFs). Members of the public may submit public comment on this guidance starting today.

The National Cybersecurity Strategy calls for a fundamental shift to rebalance the responsibility to defend cyber space onto those best positioned to bear it; namely, the software manufacturers who build products underpinning our collective digital infrastructure. Fully realizing this shift requires an understanding of the most egregious software development practices that software manufacturers must avoid. This catalog enumerates such practices.

“It’s 2024, and basic, preventable software defects continue to enable crippling attacks against hospitals, schools, and other critical infrastructure. This has to stop. These product security bad practices pose unacceptable risks in this day and age, and yet are all too common.” said CISA Director Jen Easterly. “We hope that by following this clear-cut, voluntary guidance, software manufacturers can lead by example in taking ownership of their customers’ security outcomes and fostering a secure by design future. Please provide input and let us know how we can improve this list of bad practices.”

“Our National Cybersecurity Strategy highlights the importance of securing our nation’s critical infrastructure and shoring up our cyber defenses,” said White House National Cyber Director Harry Coker Jr. “The impact of product security bad practices has wide-ranging consequences across our nation and is often felt by the American people. Our private sector partners must shoulder their responsibility and build secure products and I’m glad to see this document as another tool to help software manufacturers do just that. We need to work together to prioritize best practices to better protect our nation.”

“Bad practices in software development, especially when that software will be used by critical infrastructure, put both customers and our national security at risk,” said Assistant Director of the FBI’s Cyber Division Bryan Vorndran. “The FBI urges software manufacturers to avoid the risky practices described in this guidance, which lead to vulnerabilities that malicious actors routinely exploit.”

These product security bad practices represent the next major step in CISA and partners’ global Secure by Design initiative, which has joined forces with 18 U.S. and international agencies to publish guidance and catalyzed commitments from over 220 software manufacturers to CISA’s Secure by Design Pledge. The bad practices build on practices laid out in the pledge and other guidance including NIST’s Secure Software Development Framework. This catalog will be a central guiding document in CISA’s Secure by Design initiative going forward, playing a key role informing future guidance and actions.

This joint guidance lists the bad practices in three categories:

• Product properties, which describe observable, security-related qualities of a software product.
• Security features, which describe the security functionalities that a product supports.
• Organizational processes and policies, which describe the actions taken by a software manufacturer to ensure strong transparency in its approach to security.

CISA selected the bad practices based on the threat landscape as representing the most dangerous and pressing items that software manufacturers should avoid.

The public comment period concludes on Monday, December 2, 2024. During the comment period, members of the public can provide comments and feedback via the Federal Register at Request for Comment on Product Security Bad Practices Guidance. Following the public comment period, CISA will issue a revised version of the bad practices.

To learn more about the Secure by Design initiative, visit Secure by Design on CISA.gov.

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram.