Bipartisan group of senators urge State to employ basic cybersecurity measures

Bipartisan group of senators urge State to employ basic cybersecurity measures
© Anna Moneymaker

A bipartisan group of senators is pressing the State Department to adopt what they call basic cybersecurity measures and are criticizing the agency for not employing multifactor authentication measures to protect employees against cyberattacks.

Sens. Ron WydenRonald (Ron) Lee WydenOvernight Health Care: House set to vote on bill targeting drug companies for overcharging Medicaid | Dems press Trump officials on pre-existing conditions | Tobacco giant invests .8B in Canadian marijuana grower House set to vote on bill cracking down on drug companies overcharging Medicaid Manchin’s likely senior role on key energy panel rankles progressives MORE (D-Ore.), Cory GardnerCory Scott GardnerCan a rising tide of female legislators lift all boats? Setting the record straight about No Labels Overnight Health Care: Senators urge vote on delaying health insurance tax | Joe Kennedy III 'hopeful' he can back 'Medicare for all' bill | Latest Ebola outbreak becomes world's 2nd-worst MORE (R-Colo.), Ed MarkeyEdward (Ed) John MarkeyFocus on Yemen, not the Saudi crown prince Mattis: Investigation into killing of Khashoggi is ongoing Senators introduce resolution saying Saudi crown prince 'complicit' in Khashoggi slaying MORE (D-Mass.), Rand PaulRandal (Rand) Howard PaulDems have new moniker for Trump: ‘Unindicted co-conspirator' Rand Paul downplays potential Trump campaign finance violations: 'We’ve over-criminalized campaign finance' Paul calls Trump's pick for attorney general's views on surveillance 'very troubling' MORE (R-Ky.), and Jeanne ShaheenCynthia (Jeanne) Jeanne ShaheenOvernight Defense: Nauert tapped for UN envoy | Trump teases changes to Joint Chiefs of Staff | Trump knocks Tillerson as 'dumb as a rock' | Scathing report details Air Force failures before Texas shooting New Hampshire's secretary of state narrowly holds seat Overnight Health Care: Senators urge vote on delaying health insurance tax | Joe Kennedy III 'hopeful' he can back 'Medicare for all' bill | Latest Ebola outbreak becomes world's 2nd-worst MORE (D-N.H.) on Tuesday sent a letter that urged Secretary of State Mike PompeoMichael (Mike) Richard PompeoTrump ultimatum sparks fears of new arms race Paul calls Trump's pick for attorney general's views on surveillance 'very troubling' Focus on Yemen, not the Saudi crown prince MORE to employ more multifactor authentication measures to secure the agency's information systems.

Multifactor authentication helps protect against phishing attacks that usually aim to steal user data.

ADVERTISEMENT

“We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of [multifactor authentication],” the senators wrote to Pompeo.

 “The Department of State’s Inspector General (IG) found last year that 33% of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits. The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems,’ ” the letter continues.

The lawmakers asked Pompeo what State has done to boost its security after the Office of Management and Budget designated the agency's cyber readiness as “high risk,” how the agency will address the lack of multifactor authentication that is required by law and for statistics that detail the department's cyber incidences over the last three years.

The lawmakers asked Pompeo to answer these questions by Oct. 12.

The letter comes amid heightened concern that hostile nation states like Russia and Iran are seeking to target the U.S. through digital means, particularly ahead of the upcoming midterm elections.

Recently, Director of National Intelligence Dan CoatsDaniel (Dan) Ray CoatsDems slam Trump for siding with Saudi Arabia in Khashoggi killing Dem senator demands public intelligence assessment on Khashoggi killing Hillicon Valley: Official warns midterm influence could trigger sanctions | UK, Canada call on Zuckerberg to testify | Google exec resigns after harassment allegations | Gab CEO defends platform | T-Mobile, Sprint tailor merger pitch for Trump MORE declared that the “warning lights are blinking red again” on Russians attempting to carry out cyberattacks during the midterms.

U.S. intelligence agencies say Kremlin hackers used phishing attacks during the heated 2016 presidential race to target political campaigns. 

In July it was reported that Russian hackers had targeted Sen. Claire McCaskillClaire Conner McCaskillMissouri GOP Secretary of State launches investigation into Hawley’s time as AG The Hill's Morning Report — Presented by T-Mobile — Congress to act soon to avoid shutdown Schumer gets ready to go on the offensive MORE's (D-Mo.) office with phishing emails.

That report came after special counsel Robert MuellerRobert Swan MuellerSasse: US should applaud choice of Mueller to lead Russia probe MORE indicted 12 Russian intelligence officers in the hacking of the Democratic National Committee in 2016 in charges related to his ongoing probe of Moscow's election interference.