Under Portman Questioning, Mayorkas Admits to New Major Cyber Incident

WASHINGTON, DC – Today, U.S. Senator Rob Portman (R-OH), Ranking Member of the Senate Homeland Security and Governmental Affairs Committee, questioned Department of Homeland Security (DHS) Secretary Alejandro Mayorkas about yesterday’s alert from CISA and the FBI which stated that Iranian government-sponsored hackers had compromised federal agencies. In response to Portman’s questions, Secretary Mayorkas admitted the attack should be considered a major cyber incident, which would trigger notification to Congress. 

Senator Portman has led several efforts to strengthen our nation’s cybersecurity including reforms to the Federal Information Security Modernization Act’s major incident definition which requires cyber incident reporting to Congress. In March, the Senate passed the landmark Strengthening American Cybersecurity Act to significantly enhance our nation’s ability to combat ongoing cybersecurity threats against our critical infrastructure and the federal government. The legislation combines language from three bills Portman authored and advanced out of the Committee – the Cyber Incident Reporting Act, the Federal Information Security Modernization Act, and theFederal Secure Cloud Improvement and Jobs ActThe combined bill will require critical infrastructure owners and operators and civilian federal agencies to report to the Cybersecurity and Infrastructure Security Agency (CISA) if they experience a substantial cyberattack. 

A transcript of Portman’s questioning can be found below and a video can be found here

Portman: “With regard to the cyberattacks we talked about earlier, the agencies that have been compromised in some of these attacks concern us greatly. Yesterday, CISA and the FBI issued a joint advisory detailing suspected Iranian government-sponsored actors compromise of federal agencies using this Log4 Shell vulnerability. I ask unanimous consent, Mr. Chairman, to include that advisory in the record, so we have it as part of this record. We have discussed this vulnerability at length in this Committee and other examples of the issues. My time is expiring here in a second, but can you just tell us, Secretary Mayorkas, what agencies or agency was compromised with regard to this latest announcement you made regarding the Iranian government-sponsored attack?” 

The Honorable Alejandro N. Mayorkas, Secretary of the U.S. Department of Homeland Security: “Ranking Member Portman, that identity has not been disclosed and I’d need to speak with my colleagues to determine whether I would be compromising any security interest in doing so.” 

Portman: “Are you confident that the actors have been expelled from our federal networks?” 

Secretary Mayorkas: “I will once again have to confer with my colleagues to determine the status of the effort by the bad actors.” 

Portman:“We are considering, as you know, this FISMA reauthorization. This is the Federal Information Security Modernization Act to trigger cyber incident reporting to Congress. Would this be considered a major incident?” 

Secretary Mayorkas: “I believe so, Ranking Member Portman.” 

Portman: “Thank you, Mr. Chairman.”