Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenUS ban on China tech giant faces uncertainty a month out Hillicon Valley: GOP lawmakers offer election security measure | FTC Dem worries government is 'captured' by Big Tech | Lawmakers condemn Apple over Hong Kong censorship Lawmakers condemn Apple, Activision Blizzard over censorship of Hong Kong protesters MORE (D-Ore.), Cory GardnerCory Scott GardnerBennet reintroduces bill to ban lawmakers from becoming lobbyists GOP warns Graham letter to Pelosi on impeachment could 'backfire' The Hill's Morning Report - Dem debate contenders take aim at Warren MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyFlight attendant union endorses Markey in Senate primary battle Overnight Defense — Presented by Boeing — House passes resolution rebuking Trump over Syria | Sparks fly at White House meeting on Syria | Dems say Trump called Pelosi a 'third-rate politician' | Trump, Graham trade jabs Senate confirms Trump's Air Force secretary pick MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulTurkey sanctions face possible wall in GOP Senate Trump-Graham relationship tested by week of public sparring Overnight Defense — Presented by Boeing — Pence says Turkey agrees to ceasefire | Senators vow to move forward with Turkey sanctions | Mulvaney walks back comments tying Ukraine aid to 2016 probe MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenGraham, Van Hollen introduce Turkey sanctions bill Senators fear Syria damage 'irreversible' after Esper, Milley briefing US envoy insists Syria pullout doesn't affect Iran strategy MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoGOP lawmaker: Trump administration 'playing checkers' in Syria while others are 'playing chess' Trump-Graham relationship tested by week of public sparring White House officials work to tamp down controversies after a tumultuous week MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray Coats281 lobbyists have worked in Trump administration: report Former intelligence chief Coats rejoins law firm Remembering leaders who put country above party MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillIranian attacks expose vulnerability of campaign email accounts Ex-CIA chief worries campaigns falling short on cybersecurity Ocasio-Cortez blasts NYT editor for suggesting Tlaib, Omar aren't representative of Midwest MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert (Bob) Swan MuellerFox News legal analyst says Trump call with Ukraine leader could be 'more serious' than what Mueller 'dragged up' Lewandowski says Mueller report was 'very clear' in proving 'there was no obstruction,' despite having 'never' read it Fox's Cavuto roasts Trump over criticism of network MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.