SPONSORED:

Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenHillicon Valley: Government used Patriot Act to gather website visitor logs in 2019 | Defense bill leaves out Section 230 repeal, includes White House cyber czar position | Officials warn hackers are targeting vaccine supply chain Government used Patriot Act to gather website visitor logs in 2019 Despite veto threat, Congress presses ahead on defense bill MORE (D-Ore.), Cory GardnerCory GardnerMark Kelly to be sworn in as senator on Wednesday Hillicon Valley: Trump fires top federal cybersecurity official, GOP senators push back | Apple to pay 3 million to resolve fight over batteries | Los Angeles Police ban use of third-party facial recognition software Senate passes bill to secure internet-connected devices against cyber vulnerabilities MORE (R-Colo.), Ed MarkeyEd MarkeyACLU sues DHS for records on purchased cell phone data to track immigrants DHS watchdog to probe agency's tracking of Americans' phone data without a warrant Manchin: Ocasio-Cortez 'more active on Twitter than anything else' MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulOvernight Defense: Lawmakers release compromise defense bill in defiance of Trump veto threat | Senate voting next week on blocking UAE arms sale | Report faults lack of training, 'chronic fatigue' in military plane crashes Senate to vote next week on blocking Trump's UAE arms sale McConnell in tough position as House eyes earmark return MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenLawmakers pressure leaders to reach COVID-19 relief deal Top Democrat calls Trump's Afghan drawdown 'the right policy decision' as others warn of 'mistake' Overnight Defense: How members of the Armed Services committees fared in Tuesday's elections | Military ballots among those uncounted in too-close-to-call presidential race | Ninth US service member killed by COVID-19 MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoPompeo imposes visa restrictions on Chinese officials over 'intimidation' tactics Israel's new Gulf relations give Biden's team a new Middle East hub Pompeo knocks Turkey in NATO speech: report MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsSenate Intelligence Committee leaders warn of Chinese threats to national security New federal cybersecurity lead says 'rumor control' site will remain up through January Biden soars as leader of the free world MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillMcCaskill: 'Hypocrisy' for GOP to target Biden nominee's tweets after Trump Democrats must turn around Utah police arrest man driving 130 mph claiming he was going to kill former Missouri senator MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert (Bob) MuellerBarr taps attorney investigating Russia probe origins as special counsel CNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.