Category: US Department of Homeland Security

Source: US Department of Homeland Security

During emergency events, the Department of Homeland Security (DHS) works with its federal, state, local, and non-governmental partners to support the needs of the people in the areas that may be impacted.

In such circumstances, U.S. Immigration and Customs Enforcement (ICE) and U.S. Customs and Border Protection (CBP) remind the public that sites that provide emergency response and relief are considered protected areas. To the fullest extent possible, ICE and CBP do not conduct immigration enforcement activities at protected areas such as along evacuation routes, sites used for sheltering or the distribution of emergency supplies, food or water, or registration sites for disaster-related assistance or the reunification of families and loved ones.

At the request of FEMA or local and state authorities, ICE and CBP may help conduct search and rescue, air traffic de-confliction and public safety missions. ICE and CBP provide emergency assistance to individuals regardless of their immigration status. DHS officials do not and will not pose as individuals providing emergency-related information as part of any enforcement activities.

DHS is committed to ensuring that every individual who seeks shelter, aid, or other assistance as a result of a natural disaster or emergency event is able to do so regardless of their immigration status.

DHS carries out its mission without discrimination on the basis of race, religion, gender, sexual orientation or gender identity, ethnicity, disability or political associations, and in compliance with law and policy.

For information about filing a complaint with the DHS Office for Civil Rights and Civil Liberties about these matters, please visit our Make a Civil Rights Complaint page.

Source: US Department of Homeland Security

Annual #SeeSayDay is September 25 

Encourages Public to “Spot the Signs. Report the Activity.” 

Today the U.S. Department of Homeland Security (DHS) is observing  #SeeSayDay, the “If You See Something, Say Something®” campaign’s annual national awareness day. This year’s theme, “Spot the Signs. Report the Activity,” highlights the crucial role of public vigilance in national security and counter-terrorism efforts within the current threat environment. The #SeeSayDay call-to-action urges individuals to spot and report suspicious activity to help prevent terrorism-related crime – on September 25, and year-round.  

“Ensuring our collective security takes all of us, working together and looking out for each other,” said Secretary of Homeland Security Alejandro N. Mayorkas. “Saying something when you see something could be the difference between life and death for a family member, friend, neighbor, or someone you don’t even know. Encourage your friends and others in your community to do the same, and we can help prevent tragedies and make our whole country safer.” 

A 2024 RAND study of 628 plots targeting soft targets and crowded places found 64% of foiled attack plots were stopped because of public tips. The DHS “If You See Something, Say Something®” campaign, launched in July 2010 in conjunction with the Nationwide Suspicious Activity Reporting Initiative, reinforces that we must always be alert, and when we have information about a terrorism-related threat, speak up. The campaign aims to inspire Americans to participate in national security and foster positive relationships between citizens and law enforcement. On #SeeSayDay each year, DHS and its campaign partners across the country come together to remind the public that our American communities have a collective stake in homeland security.  

Members of the public are encouraged to get involved on #SeeSayDay in several ways: 

• Learn the 16 signs of suspicious activity. Remember: Factors such as race, ethnicity, gender, national origin, religion, sexual orientation, disability, or gender identity are not suspicious.  

• Find and save your SAR number. Navigate to the campaign’s interactive map to look up the appropriate Suspicious Activity Reporting (SAR) number for wherever you live, work, vacation, or spend time – then save that number in your phone. As always, call 9-1-1 immediately for any emergencies. 

• Use social media to spread the word. Access ready-to-use graphics, pre-drafted captions, and newsletter content that you can share on your personal or organization’s social media platforms and other communication channels to help raise awareness and promote this year’s theme on #SeeSayDay. Use the hashtag #SeeSayDay to note your involvement! 

• Stay connected year-round. Learn more about the campaign, how to become a partner, and access other resources to share with your communities on September 25 or anytime of the year. 

For more information on #SeeSayDay, visit DHS.gov/SeeSayDay.  

Source: US Department of Homeland Security

WASHINGTON – Today, Secretary of Homeland Security Alejandro N. Mayorkas, in consultation with Secretary of State Antony J. Blinken, designated Qatar into the Visa Waiver Program (VWP). The collaboration and information sharing at the core of the VWP will significantly enhance the security interests of the United States in addition to encouraging legitimate travel and commerce between the two nations. 

Secretary Mayorkas and Secretary Blinken commend Qatar for meeting the stringent security requirements to join the Visa Waiver Program (VWP). Qatar has been an exceptional partner for the United States, and our strategic relationship has only grown stronger over the past few years. This is further evidence of our strategic partnership and our shared commitment to security and stability. By meeting the VWP requirements, Qatar becomes the first Gulf country to enter the program and we encourage additional partners to meet all program requirements to allow for entry into the program in the interest of advancing bilateral and regional security cooperation. 

“The Visa Waiver Program is one of our most successful security initiatives. Qatar’s participation in the program increases information sharing regarding one of the world’s busiest travel and transfer hubs, strengthening the security of the United States,” said Secretary of Homeland Security Alejandro N. Mayorkas. “I commend our Qatari partners for meeting the stringent requirements in this agreement entails and look forward to our continued work together on behalf of our respective countries.” 

“Qatar’s fulfillment of the stringent security requirements to join the Visa Waiver Program will deepen our strategic partnership and enhance the flow of people and commerce between our two countries. Qatar’s entry will make travel between the United States and Qatar safer, more secure, and easier for both Americans and Qataris,” said Secretary of State Antony J. Blinken. 

The VWP builds comprehensive security partnerships between the United States and designated countries that meet strict requirements related to counterterrorism, law enforcement, immigration enforcement, document security, and border managemnt. These requirements include that the country have a rate of nonimmigrant visa refusals below 3% during the previous fiscal year; issues secure travel documents; extends reciprocal entry privileges to all U.S. citizens and nationals without regard to national origin, religion, ethnicity, or gender; and works closely with U.S. law enforcement and counterterrorism authorities. Qatar put forth a significant whole-of-government effort to meet all program requirements, including entering into partnerships with the United States to share information on terrorism and serious crimes. As with all VWP countries, DHS will continually monitor Qatar’s compliance with all program requirements. 

Starting no later than December 1, 2024, the Electronic System for Travel Authorization (ESTA) online application and mobile app will be updated to allow citizens and nationals of Qatar to apply to travel to the United States for tourism or business purposes for up to 90 days without first obtaining a U.S. visa. These authorizations are generally valid for two years. Travelers with valid B-1/B-2 visas may continue to use their visa for travel to the United States, and B-1/B-2 visas will remain an option for Qatari citizens. ESTA applications may be found at esta.cbp.dhs.gov or download the “ESTA Mobile” app through the iOS App Store or the Google Play store. 

U.S. citizens already enjoy visa-free travel to Qatar, and beginning October 1, 2024, will be eligible to stay in Qatar for up to 90 days instead of the previous 30-day limit if they have a passport that is valid for at least three months from arrival and a confirmed hotel booking on arrival. 

Under the VWP, citizens and nationals of Qatar will be able to apply for authorization to travel to the United States through the ESTA online or mobile app at a date to be announced shortly after Qatar’s VWP admission. Participating countries are reviewed at least biennially, as required in statute, to ensure they continue to meet all program requirements. 

Qatar will be the 42^nd member of the VWP and the third country added under Secretary Mayorkas’s tenure (Croatia in 2021 and Israel in 2023). More information on the VWP can be found at www.dhs.gov/visa-waiver-program. 

Source: US Department of Homeland Security

First-of-Its-Kind Cybersecurity Grant Program Enters Third Year 

WASHINGTON- Today, the Department of Homeland Security announced the availability of $279.9 million in grant funding for the Fiscal Year (FY) 2024 State and Local Cybersecurity Grant Program (SLCGP). Now in its third year, this program provides funding to state, local, and territorial (SLT) governments to help reduce cyber risk and build resilience against evolving cybersecurity threats. Established by the State and Local Cybersecurity Improvement Act, and part of the Bipartisan Infrastructure Law, the SLCGP provides approximately $1 billion in funding over four years to support SLT governments as they develop capabilities to detect, protect against, and respond to cyber threats.

“In the modern threat landscape, every community can – and too often does – face sophisticated cyberattacks on vital systems like hospitals, schools, and electrical grids,” said Secretary of Homeland Security Alejandro N. Mayorkas. “The Department of Homeland Security’s State and Local Cybersecurity Grant Program empowers key intergovernmental partners with the tools and support necessary to increase resilience and better secure critical infrastructure. Our message to communities everywhere is simple: do not underestimate the reach or ruthlessness of nefarious cyber actors. Through initiatives like the State and Local Cybersecurity Grant Program we can confront these threats together.”

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) jointly administer this program. CISA provides expertise and guidance on cybersecurity issues while FEMA manages the grant award and allocation process. Award recipients may use funding for a wide range of cybersecurity improvements and capabilities, including cybersecurity planning and exercising, hiring cyber personnel, and improving the services that citizens rely on daily.

“These cyber grants are an investment in the security of our nation’s infrastructure, helping to ensure that communities across the country have the tools they need to defend against cyberattacks,” said CISA Director Jen Easterly. “CISA is proud to offer the SLCGP, helping governments lay a solid foundation for building a sustainable and resilient cybersecurity program for the future.” 

“FEMA is committed to helping our partners address and withstand cybersecurity threats to both infrastructure and systems,” said FEMA Administrator Deanne Criswell. “Thanks to funding from the Biden-Harris Administration, state, local, tribal and territorial governments will be able to build their capacity to better protect themselves from evolving cyber threats.”

Eligible entities have from September 23 until Tuesday, December 3, 2024 at 5 pm ET to apply for funds, via FEMA GO. For more information and helpful resources on the State and Local Cybersecurity Grant Program, visit CISA’s webpage: cisa.gov/cybergrants. 

Source: US Department of Homeland Security

ORLANDO, Fla. — An Orlando man pleaded guilty to enticement of a minor to engage in sexual activity and production of child sexual abuse material following a Homeland Security Investigations (HSI) investigation.

Theron Charles Lord, 36, faces a minimum mandatory penalty of 15 years and up to life in federal prison for the production offense and a minimum mandatory penalty of 10 years and up to life for the enticement offense. Lord has also agreed to forfeit the cellphone he used in the commission of the offense. A sentencing date has not yet been set.

According to the plea agreement, Lord and a 15-year-old child victim met online and began messaging on social media platforms. The messages quickly became sexual in nature and spanned from March until August 2022. In April 2022, Lord drove to meet the victim for the first time and sexually abused the victim. Between April and November 2022, the victim and Lord met in person at least six times and sexual abuse occurred at each meeting. During these meetings, Lord recorded videos of the sexual abuse. Additionally, Lord caused the victim to record and send him specific videos of child sexual abuse.

This case was investigated by HSI Orlando and the Rockledge Police Department. It is being prosecuted by Assistant U.S. Attorney Kaley Austin-Aronson.

To report any information about human trafficking, child sexual abuse, or the trafficking in child sexual abuse material contact the HSI Tip Line at 877-4-HSI-TIP or report it through the CyberTipline on the National Center for Missing & Exploited Children’s website.

Source: US Department of Homeland Security

OCALA, Fla. — A Florida man pleaded guilty to attempting to entice a minor to engage in sexual activity following a joint Homeland Security Investigations (HSI) Orlando investigation.

Devin Joseph Rivera, 24, of Ocala, faces a minimum mandatory penalty of 10 years and up to life in federal prison. A sentencing date has not yet been set.

According to the plea agreement, on July 24, Rivera communicated online within someone he believed was a 13-year-old girl. The child, however, was an undercover HSI Orlando special agent. Rivera engaged in a sexually explicit conversation with the undercover agent and, ultimately, was arrested when he traveled to a predetermined meeting location in Marion County to engage in sexual activity with the child. Rivera brought a blanket and condom with him.

This case was investigated by HSI Orlando, the Marion County Sheriff’s Office, the Ocala Police Department, the Florida Department of Law Enforcement and the Chiefland Police Department. It is being prosecuted by Assistant U.S. Attorney Sarah Janette Swartzberg.

To report any information about human trafficking, child sexual abuse, or the trafficking in child sexual abuse material contact the HSI Tip Line at 877-4-HSI-TIP or report it through the CyberTipline on the National Center for Missing & Exploited Children’s website.

Source: US Department of Homeland Security

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Source: US Department of Homeland Security

WASHINGTON, D.C. – Today, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released the following statement:

“Since the 19 August 2024 joint ODNI, FBI, and CISA public statement on Iranian Election Influence Efforts, the FBI has learned additional details about Iran’s efforts to sow discord and shape the outcome of U.S. elections. 

Iranian malicious cyber actors in late June and early July sent unsolicited emails to individuals then associated with President Biden’s campaign that contained an excerpt taken from stolen, non-public material from former President Trump’s campaign as text in the emails. There is currently no information indicating those recipients replied. Furthermore, Iranian malicious cyber actors have continued their efforts since June to send stolen, non-public material associated with former President Trump’s campaign to U.S. media organizations.

This malicious cyber activity is the latest example of Iran’s multi-pronged approach, as noted in the joint August statement, to stoke discord and undermine confidence in our electoral process.  As the lead for threat response, the FBI has been tracking this activity, has been in contact with the victims, and will continue to investigate and gather information in order to pursue and disrupt the threat actors responsible. Foreign actors are increasing their election influence activities as we approach November. In particular, Russia, Iran, and China are trying by some measure to exacerbate divisions in U.S. society for their own benefit, and see election periods as moments of vulnerability. Efforts by these, or other foreign actors, to undermine our democratic institutions are a direct threat to the U.S. and will not be tolerated. 

The FBI and CISA encourage campaigns and election infrastructure stakeholders to report information concerning suspicious or criminal activity to their local Election Crimes Coordinators via FBI field office (https://www.fbi.gov/fieldoffices), by calling 1-800-CALL-FBI (1-800-225-5324), or online at https://www.ic3.gov.  Cyber incidents impacting election infrastructure can also be reported to CISA by calling 1-844-SAY-CISA (1-844-729-2472), emailing report@cisa.dhs.gov, or reporting online at https://www.cisa.gov/report.  Election infrastructure stakeholders and the public can find additional resources about how to protect against cyber and physical threats at CISA’s #PROTECT2024 (https://www.cisa.gov/topics/election-security/protect2024).” 

Source: US Department of Homeland Security

Today, the Department of Homeland Security (DHS) awarded 35 grants, totaling $18 million, under the Targeted Violence and Terrorism Prevention (TVTP) Grant Program for Fiscal Year 2024 (FY24). The TVTP Grant Program provides financial assistance to eligible applicants to develop sustainable, multidisciplinary targeted violence and terrorism prevention capabilities in local communities, to pilot innovative prevention approaches, and to identify prevention best practices that can be replicated in communities across the country.   

“In our current dynamic threat environment, any town, anywhere can be a target,” said Secretary of Homeland Security Alejandro N. Mayorkas. “The Department of Homeland Security’s Targeted Violence and Terrorism Prevention grant awards announced today will help local communities pilot, strengthen, and share evidence-based prevention strategies, significantly expanding our nation’s counterterrorism capacity and making all of us safer.” 

Leveraging a public health-informed approach, the Center for Prevention Programs and Partnerships (CP3) brings together behavioral and mental health providers, educators, faith leaders, social service providers, nonprofits, law enforcement, and other state, local, and community partners to address systemic factors that can lead to violence while strengthening protective factors at the local level that support the safety, well-being, and resiliency of communities in the U.S. This focus has also led to an increase in public health organizations applying for the grant program. In FY24, 35 public health entities applied and 7 were selected, compared to 3 applicants and 2 awardees in FY23. Public health organizations receiving an award include:  

• Parents for Peace 

• Safe States Alliance 

Given widespread concern regarding youth involvement in targeted violence nationally, CP3 selected 20 grantees focused wholly or in part on prevention in youth settings, including grants to improve clinical practice with at-risk youth (Boston Children’s Hospital) and upskilling behavioral threat assessment and management tools for at-risk youth (Safe States Alliance). Awardees include:  

• Auburn University 

• Dillard University 

• Safe States Alliance 

• Southern University 

DHS prioritizes targeted violence and terrorism prevention in underserved communities and has continued its outreach to these areas in recent award cycles, including FY24. This year, the TVTP Grant Program received 39 applications from, or proposing to do work with, underserved communities. CP3 awarded 8 grants that provide services to underserved populations, including one tribal government, three Historically Black Colleges and Universities (HBCUs), one LGBTQ+ serving institution, one organization serving religious minorities, and two organizations serving rural communities. Awardees include:  

• Centerlink 

• Dillard University 

• Otoe-Missouria Tribe 

• Southern University  

CP3’s financial and technical assistance helps grow the TVTP community of practice. The FY24 awards have created approximately 50 new prevention jobs in addition to the dozens of existing positions that will be partially or fully funded by these awards.  

Launched in 2020, the program, administered by the DHS CP3 and the Federal Emergency Management Agency (FEMA), is the only federal grant program solely dedicated to helping local communities develop and strengthen their targeted violence and terrorism prevention capabilities in this area. DHS awarded nearly $90 million via 178 awards to organizations working to prevent violence in 41 states plus the District of Columbia. 

To date, TVTP grant programs have conducted training sessions that built prevention capacity among 38,250 attendees. This program has also funded projects that directly address and manage cases involving individuals with behavioral indicators for violence. As of August 2024, grantees from FY20-FY23 have opened 1,172 cases and referred them to partners or provided direct mental health counseling, social services, and other services to increase protective factors in these clients. 

The anticipated next round of TVTP grant funding will be announced in spring 2025. Additional information about current and previous TVTP grantees, such as programs, tools, resources, accomplishments, closeout reports, award grants, and more can be found on the TVTP Grant Program webpage. These resources support prevention practitioners in advancing their work and reaffirm DHS’s commitment to transparency.  

Source: US Department of Homeland Security

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) published the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan today. As the operational lead for federal cybersecurity, CISA uses this plan to guide coordinated support and services to agencies, drive progress on a targeted set of priorities, and align collective operational defense capabilities. The end result is reducing the risk to more than 100 FCEB agencies.

Each FCEB agency has a unique mission, and thus have independent networks and system architectures to advance their critical work. This independence means that agencies have different cyber risk tolerance and strategies. However, a collective approach to cybersecurity reduces risk across the interagency generally and at each agency specifically, and the FOCAL Plan outlines this will occur. CISA developed this plan in collaboration with FCEB agencies to provide standard, essential components of enterprise operational cybersecurity and align collective operational defense capabilities across the federal enterprise.

“Federal government data and systems interconnect and are always a target for our adversaries. FCEB agencies need to confront this threat in a unified manner and reduce risk proactively,” said CISAExecutive Assistant Director for Cybersecurity, Jeff Greene. “The actions in the FOCAL plan orient and guide FCEB agencies toward effective and collaborative operational cybersecurity and will build resilience. In collaboration with our partner agencies, CISA is modernizing federal agency cybersecurity.”

The FOCAL plan is organized into five priority areas that align with agencies’ metrics and reporting requirements. Each priority has goals ranging from addressing universal cybersecurity challenges such as managing the attack surface of internet-accessible assets and bolstering cloud security to long-rage efforts including building a defensible architecture that is resilient in the face of evolving security incidents. The priority areas for FCEB agencies are:

• Asset Management – fully understand the cyber environment, including the operational terrain and interconnected assets.
• Vulnerability Management – proactively protect enterprise attack surface and assess defensive capabilities.
• Defensible Architecture – design cyber infrastructure with an understanding that security incidents will happen, and that resilience is essential.
• Cyber Supply Chain Risk Management (C-SCRM) – quickly identify and mitigate risks, including from third parties, posed to federal IT environments.
• Incident Detection and Response – improve the ability of Security Operations Centers (SOCs) to detect, respond to, and limit the impact of security incidents.

The FOCAL Plan was developed for FCEB agencies, but public and private sector organizations should find it useful as a roadmap to establish their own plan to bolster coordination of their enterprise security capabilities. 

The Plan is not intended to provide a comprehensive or exhaustive list that an agency or CISA must accomplish. Rather, it is designed to focus resources on actions that substantively advance operational cybersecurity improvements and alignment goals.

For more information CISA federal cybersecurity, please see Securing Networks or email CISA-FEIT@cisa.dhs.gov.

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram.