CISA Information and Updates on COVID-19


As the nation’s risk advisor, CISA brings our partners in industry and the full power of the federal government together to improve American cyber and infrastructure security.

VISIT CISA'S CYBER RESOURCE HUB FOR FREE SERVICES Contact Us Image of a rolodex Critical Infrastructure Workforce Image of a laptop
CISA Support to the COVID Vaccine Visit CISA's Cyber Resource Hub For Free Services COVID-19 Questions Frequently Referenced Contact Information for COVID-19 Essential Critical Infrastructure Workers Guidance Telework Guidance and Resources

    What the U.S. Government is Doing

    • The White House, CDC and Health and Human Services launched
    • Use GSA’s Coronavirus Page, Spanish version for government-wide COVID-19 information.
    • Learn about DHS efforts, and FEMA's work here.
    • FEMA released the “COVID-19 Pandemic Operational Guidance for the 2020 Hurricane Season” to help emergency managers and public health officials best prepare for disasters, while continuing to respond to and recover from coronavirus.
    • Resources to ensure upcoming elections are accessible and secure, and that voters are safe can be found at the Election Assistance Committee.
    • FEMA and CISA are responsible for coordinating Emergency Support Function (ESF) efforts.  ESFs assist in coordinating federal interagency support for a federal response to an incident – in this case, to COVID-19. ESF #14 (Cross Sector Business and Infrastructure) was established to engage private sector and infrastructure owners and operators to help find and close gaps. It complements Sector-Specific Agencies (SSA) and other ESFs and is a mechanism for entities not aligned to an ESF or have other means of coordination to bring forward current issues and work toward solutions. For more information, email
    • The CISA Insights: COVID-19 Disinformation Activity addresses disinformation campaigns and conspiracy theories appearing online, and provides the public steps on how to minimize the risk of spreading false or misleading content.
    • CISA’s COVID-19 Disinformation Toolkit helps State, local, tribal and territorial (SLTT) officials bring awareness to misinformation, disinformation, and conspiracy theories appearing online related to COVID-19’s origin, scale, government response, prevention and treatment.
    • To get groundtruth on rumors and facts please visit the FEMA Rumor Control page.  
    • The CDC has guidance for discontinuation of isolation for persons with non-test confirmed COVID-19 in a non- healthcare setting. Persons with COVID-19 who have symptoms and were directed to care for themselves at home may discontinue isolation under the following conditions:
      • At least three days (72 hours) have passed since recovery defined as resolution of fever without the use of fever-reducing medications and
      • Improvement in respiratory symptoms (e.g., cough, shortness of breath); and,
      • At least seven days have passed since symptoms first appeared.
    • FEMA’s guidance on addressing the shortage of Personal Protective Equipment (PPE) in Non-Healthcare setting.
    • DHS S&T has published a calculator to estimate how long the virus stays active on surfaces.

    Critical Infrastructure 


    • CISA released CISA Insights: Cybersecurity Perspectives Healthcare and Public Health (HPH) Response to COVID-19. This new resource provides observations and findings derived from an analysis of HPH entities enrolled in CISA's free vulnerability scanning service from March to November 2020. All HPH entities should review the assessment and take appropriate action to reduce vulnerability and maintain resilient cybersecurity practices.   
    • CISA released a guide for parents, teachers and school administrators that provides information to prevent or mitigate malicious cyber actors from targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, theft of data, and the disruption of learning services.
    • CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a Joint Cybersecurity Advisory that provides an assessment on recent attempts of malicious cyber actors to target kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, theft of data, and the disruption of learning services. 
    • The Cyber Essentials Toolkit is a set of modules designed to break down the CISA Cyber Essentials into bite-sized actions for IT and C-suite leadership to work toward full implementation of each Cyber Essential.
    • Activity Alert: AA20-219A: Malicious Cyber Actor Spoofing SBA COVID-19 Loan Relief Webpage via Phishing Emails. CISA is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 relief webpage via phishing emails. These emails include a malicious link to a fake page used for malicious re-directs and credential stealing. 
    • CISA, the Department of Energy, and the UK's National Cyber Security Centre (NCSC) released the Cybersecurity Best Practices for Industrial Control Systems.
    • CISA, the U.S. Department of the Treasury, the Internal Revenue Service, and the United States Secret Service released a joint message urging all Americans to be on the lookout for criminal fraud related to COVID-19 economic impact payments.
    • On May 13, CISA and the FBI issued a joint alert announcing that the People’s Republic of China (PRC) are targeting  COVID-19 research organizations.
    • CISA offers cyber hygiene services, like  free scanning and testing services, to help organizations secure internet-facing systems from weak configuration and known vulnerabilities.
    • Joint CISA and UK Tip on COVID-19 Cyber Threat Exploitation.
    • A May 5 Joint CISA/UK alert on Key Healthcare Organizations in UK and USA was issued.
    • An April 8 Joint CISA/UK cyber alert details how cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a range of ransomware and malware. The alert includes indicators of compromise (IOCs) for detection, and guidance for organizations and individuals on how to decrease the risk of cyberattacks.
    • CISA’s updated  TIC 3.0 Interim Telework Guidance, released April 8, focuses on remote federal employees connecting to private agency networks and cloud environments in a secure manner.
    • On March 13, 2020, CISA released an alert encouraging organizations to adopt a heightened state of cybersecurity when considering alternate workplace options for their employees.
    • On March 6, 2020 CISA released an alert reminding individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19).
    • The CISA Insights: Risk Management for Novel Coronavirus (COVID-19) provides executives a tool to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread of Novel Coronavirus, or COVID-19.

    Additional Resources From Our Partners

    Emergency Communications

    Was this webpage helpful?  Yes  |  Somewhat  |  No