Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenTensions flare as GOP's Biden probe ramps up  Frustration builds as negotiators struggle to reach COVID-19 deal On The Money: Unemployment benefits to expire as coronavirus talks deadlock | Meadows, Pelosi trade criticism on stalled stimulus talks | Coronavirus recession hits Social Security, Medicare, highway funding MORE (D-Ore.), Cory GardnerCory Scott GardnerOVERNIGHT ENERGY: Trump signs major conservation bill into law | Senate votes to confirm Energy's No. 2 official | Trump Jr. expresses opposition to Pebble Mine project Trump signs major conservation bill into law 300 green groups say Senate has 'moral duty' to reject Trump's public lands nominee MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyThe Hill's Campaign Report: Even the Post Office is political now | Primary action tonight | Super PACS at war Markey offers apology to family of unarmed Black teen amid criticism The Hill's Campaign Report: Biden's latest plan on racial inequality MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulMultiple lawmakers self-quarantine after exposure to Gohmert Gohmert tests positive for COVID-19 Republican senators revolt over coronavirus proposal MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenThe Hill's Coronavirus Report: GoDaddy CEO Aman Bhutani says DC policymakers need to do more to support ventures and 'solo-preneurs'; Federal unemployment benefits expire as coronavirus deal-making deadlocks Overnight Defense: Pompeo pressed on move to pull troops from Germany | Panel abruptly scraps confirmation hearing | Trump meets family of slain soldier Shaheen, Chabot call for action on new round of PPP loans MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoEstablishment-backed Marshall defeats Kobach in Kansas GOP Senate primary Biden offers well wishes to Lebanon after deadly explosion Overnight Defense: Marines find human remains after training accident | Fourth service member killed by COVID-19 | Pompeo huddles with Taliban negotiator MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsTrump flails as audience dwindles and ratings plummet America's divide widens: Ignore it no longer Trump gives Grenell his Cabinet chair after he steps down MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillDemocratic-linked group runs ads in Kansas GOP Senate primary Trump mocked for low attendance at rally Missouri county issues travel advisory for Lake of the Ozarks after Memorial Day parties MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert (Bob) MuellerCNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting The Hill's 12:30 Report: New Hampshire fallout MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.