Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenWyden blasts FEC Republicans for blocking probe into NRA over possible Russia donations Wyden calls for end to political ad targeting on Facebook, Google Ex-CIA chief worries campaigns falling short on cybersecurity MORE (D-Ore.), Cory GardnerCory Scott GardnerThe Hill's Morning Report - Trump touts new immigration policy, backtracks on tax cuts Hickenlooper announces Senate bid Poll: Trump trails three Democrats by 10 points in Colorado MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyJoseph Kennedy mulling primary challenge to Markey in Massachusetts Overnight Energy: Trump sparks new fight over endangered species protections | States sue over repeal of Obama power plant rules | Interior changes rules for ethics watchdogs To cash in on innovation, remove market barriers for advanced energy technologies MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulGraham promises ObamaCare repeal if Trump, Republicans win in 2020 Conservatives buck Trump over worries of 'socialist' drug pricing Rand Paul to 'limit' August activities due to health MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenSunday shows - Recession fears dominate Lewandowski on potential NH Senate run: If I run, 'I'm going to win' Lewandowski says he's 'happy' to testify before House panel MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard Pompeo'China will not sit idly by' if US sells fighters to Taiwan, official says The Hill's Morning Report - Trump touts new immigration policy, backtracks on tax cuts Iceland's prime minister will not be in town for Pence's visit MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray Coats10 declassified Russia collusion revelations that could rock Washington this fall 11 Essential reads you missed this week Trump crosses new line with Omar, Tlaib, Israel move MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillEx-CIA chief worries campaigns falling short on cybersecurity Ocasio-Cortez blasts NYT editor for suggesting Tlaib, Omar aren't representative of Midwest Trump nominees meet fiercest opposition from Warren, Sanders, Gillibrand MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert (Bob) Swan MuellerMueller report fades from political conversation Trump calls for probe of Obama book deal Democrats express private disappointment with Mueller testimony MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.