WASHINGTON, D.C. – A provision based on a bipartisan bill introduced U.S. Senators Gary Peters (D-MI), Ranking Member of the Homeland Security and Governmental Affairs Committee, Ron Johnson (R-WI), Chairman of the Homeland Security and Governmental Affairs Committee, Amy Klobuchar (D-MN), Ranking Member of the Rules Committee and James Lankford (R-OK) to strengthen local government cybersecurity defenses by encouraging adoption of the .gov domain for websites and email accounts was signed into law as a part of the year-end funding bill.
The provision, originally introduced as the DOTGOV Online Trust in Government Act, directs the Department of Homeland of Security (DHS) to provide resources and assistance to local governments wanting to adopt .gov web addresses. Federal and state government agencies commonly use the .gov domain, but it is not widely used on a local level. This trusted domain increases resilience to cybercrimes that frequently target local government systems, including imposter websites and email accounts, as well as ransomware attacks.
“Michiganders and Americans need to be able to trust that information they are seeking from or sharing with local governments is secure and reliable, especially as more folks are counting on state and local government assistance during these trying times,” said Senator Peters. “I am thrilled this bipartisan legislation that will help Michigan’s city and county governments protect the public from harmful online attacks was signed into law.”
“The passage of this bill will ensure state, local, tribal, and territorial governments have greater access to a trusted domain and Department of Homeland Security resources, ultimately increasing the security of their websites in today’s ever-changing cyber threat landscape,” said Senator Johnson. “It will also help Americans and businesses know which government websites are legitimate and better prevent them from distributing sensitive information.”
“It is vital for Americans to know that they’re accessing trusted and secure information from the government. The .gov domain helps do that,” said Senator Klobuchar. “Unfortunately, right now many state, tribal and local governments don’t use the .gov domains, allowing cybercriminals to easily impersonate government officials. Our bipartisan bill will improve our nation’s cybersecurity by providing support services, security enhancements, and dedicated outreach to help local governments adopt the .gov domain.”
“Americans often search the internet to find credible and factual sources for basic data, especially on official government sites,” said Senator Lankford. “This is a simple, straightforward change will help people discern official websites from unofficial websites by allowing the .gov domain to only be used by city, state, county, or Tribal governments. This small fix will assist people searching the web to quickly discern reliable, government sources.”
Many county and local governments do not use the .gov domain, giving cyber criminals an opportunity to create fake local government websites and email addresses used in attacks to trick individuals and small businesses into sharing sensitive information. For victims, it can be difficult to identify a legitimate website when a government uses .com, .org, or .us domains. Websites and emails ending in .gov are easily recognized as official and difficult to impersonate, which can help safeguard against these types of malicious attacks. Attackers using imposter local government emails can trick people into exposing personal information, making false payments, or spread malware, including ransomware.
The DOTGOV Online Trust in Government Act directs the Cybersecurity and Infrastructure Security Agency (CISA), a component of DHS, to work with local governments to help them transition to .gov domains. The bill directs DHS to develop an outreach strategy and resources to help local government offices take advantage of .gov security features. The bill also helps make the transition more affordable for local governments by making the change an allowable expense under DHS’s Homeland Security Grant Program.
As Ranking Member of the Senate Homeland Security and Governmental Affairs Committee and a member of the bipartisan Senate Cybersecurity Caucus, Peters has led efforts to bolster our nation’s cybersecurity defenses. The Senate unanimously approved Peters’ bills to develop and retain highly-skilled cybersecurity professionals in the federal workforce and strengthen cybersecurity coordination between DHS and state and local governments. Peters also introduced bipartisan legislation to improve access to cybersecurity resources and training for small businesses and support K-12 schools with the resources they need to bolster their cybersecurity. A provision based on his bill to ensure that America is prepared to respond to and recover in the event of a major cyber-attack passed as part of the annual defense bill.