Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenOn The Money: Pelosi says no debt ceiling hike until deal on spending caps | McConnell pressures White House to strike budget deal | Warren bill would wipe out billions in student debt | Senate passes IRS reform bill On The Money: Pelosi says no debt ceiling hike until deal on spending caps | McConnell pressures White House to strike budget deal | Warren bill would wipe out billions in student debt | Senate passes IRS reform bill Senate passes bipartisan IRS modernization bill MORE (D-Ore.), Cory GardnerCory Scott GardnerMcConnell defends Trump amid backlash: 'He gets picked at every day' McConnell defends Trump amid backlash: 'He gets picked at every day' The Hill's Morning Report — Uproar after Trump's defense of foreign dirt on candidates MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyDemocratic White House hopefuls push to expand health care in US territories Democratic White House hopefuls push to expand health care in US territories Hillicon Valley: Democratic state AGs sue to block T-Mobile-Sprint merger | House kicks off tech antitrust probe | Maine law shakes up privacy debate | Senators ask McConnell to bring net neutrality to a vote MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulOvernight Defense: Pompeo blames Iran for oil tanker attacks | House panel approves 3B defense bill | Trump shares designs for red, white and blue Air Force One Senate rejects effort to block Trump's Qatar, Bahrain arms sales Senate rejects effort to block Trump's Qatar, Bahrain arms sales MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenDesign leaks for Harriet Tubman bill after Mnuchin announces delay Design leaks for Harriet Tubman bill after Mnuchin announces delay Bipartisan senators push new bill to improve foreign lobbying disclosures MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoThe US must do its part in closing the largest outdoor prison in the world Trump rejects Iran's denial about attack on oil tankers, pointing to video Trump rejects Iran's denial about attack on oil tankers, pointing to video MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsHillicon Valley: Tim Cook visits White House | House hearing grapples with deepfake threat | Bill, Melinda Gates launch lobbying group | Tech turns to K-Street in antitrust fight | Lawsuit poses major threat to T-Mobile, Sprint merger Hillicon Valley: Tim Cook visits White House | House hearing grapples with deepfake threat | Bill, Melinda Gates launch lobbying group | Tech turns to K-Street in antitrust fight | Lawsuit poses major threat to T-Mobile, Sprint merger House Intel to take first major deep dive into threat of 'deepfakes' MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillConservatives spark threat of bloody GOP primaries Congress needs to work to combat the poverty, abuse and neglect issues that children face Lobbying world MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert (Bob) Swan MuellerKamala Harris says her Justice Dept would have 'no choice' but to prosecute Trump for obstruction Kamala Harris says her Justice Dept would have 'no choice' but to prosecute Trump for obstruction Dem committees win new powers to investigate Trump MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.