Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenDem lawmaker: 'Trump's presidency is the real national emergency' Dems introduce bill to take gender-specific terms out of tax code to make it LGBT-inclusive 8 surprising times our intel community spied on US citizens MORE (D-Ore.), Cory GardnerCory Scott GardnerBipartisan Senators reintroduce legislation to slap new sanctions on Russia Dems seeking path to Senate majority zero-in on Sun Belt Lawmakers eager for 5G breakthrough MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyGreen New Deal Resolution invites big picture governing We can have a Green New Deal, and air travel too 2020 Dem slams Green New Deal: As realistic as Trump's claim that Mexico will pay for wall MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulBusiness, conservative groups slam Trump’s national emergency declaration The Hill's 12:30 Report — Presented by Kidney Care Partners — Trump escalates border fight with emergency declaration On The Money: Trump declares emergency at border | Braces for legal fight | Move divides GOP | Trump signs border deal to avoid shutdown | Winners, losers from spending fight | US, China trade talks to resume next week MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenDems slam EPA plan for fighting drinking water contaminants Bipartisan Senators reintroduce legislation to slap new sanctions on Russia Dems seeking path to Senate majority zero-in on Sun Belt MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoThe Hill's Morning Report — Presented by the American Academy of HIV Medicine — Trump, Congress prepare for new border wall fight Overnight Defense: Trump to sign funding deal, declare national emergency | Shanahan says allies will be consulted on Afghanistan | Dem demands Khashoggi documents Senate confirms Trump pick William Barr as new attorney general MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsEx-Trump official says intel community's testimony interfered in US-North Korea talks Is a presidential appointment worth the risk? Intel agencies' threat assessment matters more than tiff with Trump MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillMcCaskill: Lindsey Graham 'has lost his mind' Trey Gowdy joins Fox News as a contributor The Hill’s 12:30 Report: Trump AG pick Barr grilled at hearing | Judge rules against census citizenship question | McConnell blocks second House bill to reopen government MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert Swan MuellerSasse: US should applaud choice of Mueller to lead Russia probe MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.