| 41 | | - | WHEREAS, the frequency, scale, and sophistication of cyberattacks against key infrastructure and government systems have been on the rise in recent years; and WHEREAS, many of these cyberattacks lead to data breaches of highly sensitive and personal information, such as the major security breach suffered by the United States (U.S.) Marshals Service on February 17, 2023; and WHEREAS, the U.S. Marshals Service is a division of the United States Department of Justice that provides for the protection of judges and court personnel, transportation of federal prisoners, and operation of the federal Witness Protection Program; and WHEREAS, according to United States Department of Justice officials, hackers attacked the computer system through ransomware and stole law enforcement data that included returns from the legal process, administrative information, and personally identifiable information relating to U.S. Marshals Service investigative targets, third parties, and certain U.S. Marshals Service employees; and WHEREAS, recent significant cyberattacks on other governmental entities include the ransomware attacks on various governmental institutions of Costa Rica throughout April and May of 2022, and the attack on Vanuatu's government servers and websites in November 2022; and WHEREAS, the ransomware attacks on the Costa Rican government not only caused losses of tens of millions of dollars a day to the country's import/export industry for months, but also widespread disruptions to the country's social security fund and health care system, causing Costa Rica to be the first nation to declare a national emergency due these attacks; and WHEREAS, Vanuatu is an archipelagic state in the Pacific with a population of just over 315,000 people and the cyberattack to this nation took down virtually all of the government's digital networks, including but not limited to its emergency systems, medical records, vehicle registrations, driver's license databases, and tax systems, thereby causing its agencies to conduct their work on paper and by using personal email accounts for months following the attack; and WHEREAS, the ongoing cyberwarfare between Russia and Ukraine, which has resulted in skewed election results, theft and destruction of data, blackouts, and other forms of data breaches and service disruptions, demonstrates the magnitude of chaos that can be caused by cybercriminals, not only to key day-to-day operations, but also to major institutions and infrastructure; and WHEREAS, the growing state of cyber threats and speed at which cyber criminals target government entities require that the State have up-to-date technology to lower the chances of a possible data breach or worse; now, therefore, BE IT RESOLVED by the Senate of the Thirty-second Legislature of the State of Hawaii, Regular Session of 2023, that the Chief Information Officer is requested to review whether all departments, agencies, and offices of the State have up-to-date technology to reduce cyber threats and help protect the State against cyberattacks; and BE IT FURTHER RESOLVED that all departments, agencies, and offices of the State are requested to cooperate with and assist the Chief Information Officer to determine whether any and what upgrades are needed to current technology to reduce the chances of falling victim to cyber threats, including but not limited to disruptive hacks, ransomware attacks, data breaches, and digital scams; and BE IT FURTHER RESOLVED that the Chief Information Officer is requested to submit a report of its findings and recommendations, including any proposed legislation and the prioritization of projects to upgrade the technology of the State, to the Legislature prior to the convening of the Regular Session of 2024; and BE IT FURTHER RESOLVED that certified copies of this Resolution be transmitted to the Governor and Chief Information Officer. Report Title: Cybersecurity; Data Breaches; Chief Information Officer; Report |
|---|
| 41 | + | WHEREAS, the frequency, scale, and sophistication of cyberattacks against key infrastructure and government systems have been on the rise in recent years; and WHEREAS, many of these cyberattacks lead to data breaches of highly sensitive and personal information, such as the major security breach suffered by the United States (U.S.) Marshals Service on February 17, 2023; and WHEREAS, the U.S. Marshals Service is a division of the United States Department of Justice that provides for the protection of judges and court personnel, transportation of federal prisoners, and operation of the federal Witness Protection Program; and WHEREAS, according to United States Department of Justice officials, hackers attacked the computer system through ransomware and stole law enforcement data that included returns from the legal process, administrative information, and personally identifiable information relating to U.S. Marshals Service investigative targets, third parties, and certain U.S. Marshals Service employees; and WHEREAS, recent significant cyberattacks on other governmental entities include the ransomware attacks on various governmental institutions of Costa Rica throughout April and May of 2022, and the attack on Vanuatu's government servers and websites in November 2022; and WHEREAS, the ransomware attacks on the Costa Rican government not only caused losses of tens of millions of dollars a day to the country's import/export industry for months, but also widespread disruptions to the country's social security fund and health care system, causing Costa Rica to be the first nation to declare a national emergency due these attacks; and WHEREAS, Vanuatu is an archipelagic state in the Pacific with a population of just over 315,000 people and the cyberattack to this nation took down virtually all of the government's digital networks, including but not limited to its emergency systems, medical records, vehicle registrations, driver's license databases, and tax systems, thereby causing its agencies to conduct their work on paper and by using personal email accounts for months following the attack; and WHEREAS, the ongoing cyberwarfare between Russia and Ukraine, which has resulted in skewed election results, theft and destruction of data, blackouts, and other forms of data breaches and service disruptions, demonstrates the magnitude of chaos that can be caused by cybercriminals, not only to key day-to-day operations, but also to major institutions and infrastructure; and WHEREAS, the growing state of cyber threats and speed at which cyber criminals target government entities require that the State have up-to-date technology to lower the chances of a possible data breach or worse; now, therefore, BE IT RESOLVED by the Senate of the Thirty-second Legislature of the State of Hawaii, Regular Session of 2023, that the Chief Information Officer is requested to ensure that all departments, agencies, and offices of the State have up-to-date technology to reduce cyber threats and help protect the State against cyberattacks; and BE IT FURTHER RESOLVED that all departments, agencies, and offices of the State are requested to cooperate with and assist the Chief Information Officer to determine whether any and what upgrades are needed to current technology to reduce the chances of falling victim to cyber threats, including but not limited to disruptive hacks, ransomware attacks, data breaches, and digital scams; and BE IT FURTHER RESOLVED that the Chief Information Officer is requested to submit a report of its findings and recommendations, including any proposed legislation and the prioritization of projects to upgrade the technology of the State, to the Legislature prior to the convening of the Regular Session of 2024; and BE IT FURTHER RESOLVED that certified copies of this Resolution be transmitted to the Governor and Chief Information Officer. OFFERED BY: _____________________________ Report Title: Cybersecurity; Data Breaches; Chief Information Officer; Report |
|---|