Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenRussian interference reports rock Capitol Hill McSally unveils bill to lower drug prices amid tough campaign Graham: Trump has 'all the legal authority in the world' to pardon Stone MORE (D-Ore.), Cory GardnerCory Scott GardnerWhere do we go from here? Conservation can show the way The Hill's Campaign Report: What to watch for in Nevada 8 people arrested outside Trump rally in Colorado for 'obstructed traffic' MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyKennedy, Markey neck-and-neck in Massachusetts primary: poll Overnight Energy: EPA to regulate 'forever chemicals' in drinking water | Trump budget calls for slashing funds for climate science centers | House Dems urge banks not to fund drilling in Arctic refuge Democratic senators criticize plan that could expand Arctic oil and gas development MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulSenate braces for fight over impeachment whistleblower testimony Pelosi names first-ever House whistleblower ombudsman director The Hill's Morning Report — AG Barr, GOP senators try to rein Trump in MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenOvernight Health Care: Appeals court strikes down Medicaid work requirements | Pelosi's staff huddles with aides on surprise billing | Senate Dems pressure Trump to drop ObamaCare lawsuit Senate Democrats pressure Trump to drop ObamaCare lawsuit Trump under pressure to renew last nuke treaty with Russia MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoLimbaugh: Democrats who set up George W. Bush to go to war with Iraq now organizing 'silent coup' against Trump Overnight Defense: Seven day 'reduction in violence' starts in Afghanistan | US, Taliban plan to sign peace deal Feb. 29 | Trump says top intel job has four candidates Former US ambassador Yovanovitch lands a book deal: report MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsRussian interference reports rock Capitol Hill Hillicon Valley: Facebook, Twitter split on Bloomberg video | Sanders briefed on Russian efforts to help campaign | Barr to meet with Republicans ahead of surveillance fight Overnight Defense: Seven day 'reduction in violence' starts in Afghanistan | US, Taliban plan to sign peace deal Feb. 29 | Trump says top intel job has four candidates MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillDemocrats criticize Medal of Freedom for Limbaugh as 'slap in the face' Kansas City, Kan., responds to Trump tweet: We root for the Chiefs, too Trump mocked for Super Bowl tweet confusing Missouri for Kansas MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert (Bob) Swan MuellerCNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting The Hill's 12:30 Report: New Hampshire fallout MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.